Tutorial Deface Poc Slims Arbitary File Upload

Tutorial Deface Poc Slims Arbitary File Upload

Assalamualaikum halo gan kembali lagi sama gw KillerMoon kali ini gw bakal kasih tutorial Deface Poc Slims Arbitary File Upload gampang banget bree!!

Bahan bahan:

-Dork

-Exploit

-Sc Deface berformat txt

-Dork

inurl:”/index.php?select_lang=” site:go.id

inurl:”/index.php?select_lang=” site:sch.id

intext:”The Winner in the Category of OSS Indonesia ICT Award 2009”

inurl:”index.php?p=show_detail&id=”

inurl:”/slims5-meranti/” site:id

Powered by SLiMS site:id

-Exploit:

admin/modules/bibliography/pop_attach.php

Akses/cara manggil sc:

www.site.go.id/repository/file.txt

www.site.go.id/path/repository/file.txt

Jika ada path nya ga perlu di hapuss

Oke pertama kita dorking dulu yaa

Kalo udah kalian pilih salah satu web ya

Lalu kasih Exploit di belakang site atau belakang path

Jika vuln tampilan nya bakal kaya gini

Kalian ketik apa aja di situ nah di tempat upload file kalian upload sc deface txt kalian

Nah langsung aja kalian klik unggah sekarang

Lalu kalo udah tinggal kalian panggil sc nya

Dan Berhasil :v

Oke segitu aja dulu tutor dari gw sampe jumpa lagi di tutor selanjutnya

Semoga bermanfaat 🙂

#Happy Deface

#Happy Learn