Deface :Deface Poc OJS=Open Journal System

Deface :Deface Poc OJS=Open Journal System


Hay Guys
writed : D4ff4

Kali ini gw bakalan share deface poc OJS


dork : intext:Journal "new submission"

           inurl:/index.php/index/user/register
           intext:about submission "Journal"
           inurl:/index.php/ojs

1. Dorking dulu 


2.Cari web yang sekirannya vuln

site.com/index.php/index/user/register




3. Cek vuln web nya dengan :Contoh: site.com/files/journals/


4.kalo udah registrasi klik submission

5.Centang semua pada step 1

6.Pada step kedua kalian bisa upload script deface / shell kalian

kalo sukses ntar ada tulisan suksesnya
7.Kalian cari shell kalian

Penjelasan :
Filename : 5-5-7-scdeface.html
5 = id user kamu

Contoh
http://site.com/files/journals/1/articles/[iduser]/submission/original/namasckalian.html

jadinya
http://site.com/files/journals/1/articles/5/submission/original/5-5-7-scdeface.html


thanks dah mampir
Previous Post
Next Post

post written by:

0 Comments: