Home > Defacing > Defece Menggunakan CuteNews 2.0.3 Remote File Upload Vulnerability

Defece Menggunakan CuteNews 2.0.3 Remote File Upload Vulnerability

Saturday, August 27, 2016 Defacing

kali ini gua akan share Defece Menggunakan CuteNews 2.0.3 Remote File Upload Vulnerability

Dork: intext:powered by cute new
inrul : /CuteNews/?register <kembangin

Kalau Vuln tampilannya kaya gini , lalu lu klik REGISTER ( yang di samping itu )

kalau sudah di isi semua , lalu lu klik REGISTER , habis itu lu di suruh LOGIN dulu
, kalau sudah LOGIN , Lu masuk ke Personal Option , pilih Select Upload Avatar ( foto profil )

Rename shelmu jadi Shel.jpg + pakai Tamper data , kalau sudah lu upload shelmu di Avatar(foto profil) tadi , lu mau tau akses shel lu ? oke gua kasih tau

Akses shell : www.site.com/cutenews/uploads/avatar_NamaLuPasRegisterTadi_shelmu.php

@kalau masih belum mengerti harap komen ya

Thanks To: Mr . 3RR0R |PhantomGhost Team | ITSulawesi Sec

No comments

Silahkan Komentar dengan bahasa yang sopan

Subscribe to: Post Comments ( Atom )

CowoKerensTeam

Header Ads

Defece Menggunakan CuteNews 2.0.3 Remote File Upload Vulnerability

Post a Comment

No comments

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts

CowoKerensTeam

Header Ads

Defece Menggunakan CuteNews 2.0.3 Remote File Upload Vulnerability

Related Posts

Post a Comment

No comments

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts