Sunday, 12 February 2012

SimogeoFilemanager - File Upload Vulnerability


Assalamualaikum dan salam sejahtera~~ entry kali ini nak ajar korang satu exploit.Ok malas nak cakap banyak jom mula.

1. Cari web target :

Dork :

  • inurl:/filemanager/userfiles/ filetype:pdf 
  • inurl:/filemanager/index.html

Vuln di : /filemanager/index.html

Cari web yang ada vuln tersebut.

Contoh : 
http://target.com/filemanager/index.html

2. Upload Shell php korang.

3. Tengok hasil :
Letak di hujung url : /UserFiles/Shell.php <---nama shell korang

Contoh link : 
http://target.com/filemanager/UserFiles/Shell.php

4. Siap :D

Itu saja..Assalamualaikum~~
Item Reviewed: SimogeoFilemanager - File Upload Vulnerability Description: Rating: 5 Reviewed By Afif Zafri

Share:

Popular Posts

© 2011 - Reaperz All rights reserved | Theme Designed by Seo Blogger Templates DMCA.com