• Dropzone File Upload
Welcome back sama aeng Randi ;v
Gasken lah ke tutor nya;v
Bahan-bahan :
1. Shell backdoor
2. Script deface
3. CSRF Online
http://lightcyberindonesia.freevar.com/tools/csrf.php
4. Dork :
** inurl:/dropzone/upload/
5. Exploit : /dropzone/upload.php
Langkah-langkah :
1. Dorking dulu lah, pake otak smart kalian. Teros kalo udh nemu target, masukkan exploit.
Contoh:
www.asu.go.id/[path]/dropzone/upload.php
Jika blank putih/layar kosong, itu vuln cuk
2. Pergi ke CSRF online, masukkan postfilenya : file
3. Upload deh mau shell/script deface. Shell kalo web yg bisa up shell.
Hehe :)
Se you next time
Welcome back sama aeng Randi ;v
Gasken lah ke tutor nya;v
Bahan-bahan :
1. Shell backdoor
2. Script deface
3. CSRF Online
http://lightcyberindonesia.freevar.com/tools/csrf.php
4. Dork :
** inurl:/dropzone/upload/
5. Exploit : /dropzone/upload.php
Langkah-langkah :
1. Dorking dulu lah, pake otak smart kalian. Teros kalo udh nemu target, masukkan exploit.
Contoh:
www.asu.go.id/[path]/dropzone/upload.php
Jika blank putih/layar kosong, itu vuln cuk
2. Pergi ke CSRF online, masukkan postfilenya : file
3. Upload deh mau shell/script deface. Shell kalo web yg bisa up shell.
Hehe :)
Se you next time
Komentar
Posting Komentar