IDCA Blog's

Knowledge is Free | We Share To Everywhere

Tuesday, May 28, 2013

Drupal IMCE Mkdir Remote File Upload Vulnerability

4:30 PM Defacing , 12 Comments

Assalamualaikum..

Selamat pagi? ternyata udah pagi :3 sekedar berbagi daripada ga sama sekali :D

Yup, tetep semangat berbagi, tapi jangan pada ngiri :( langsung aja dah, udah ngantuk :p

Google Dork : inurl:"/imce?dir="

Cari target dulu gih :) pake noh google dork nya yah :p

Nah, buka dah satu2 targetnya, yg sabar aja nyarinya :p  disini saya nemu satu aja sebagai contoh, lalu klik upload!



upload dah file sobat, dan tunggu hasilnya :p filetype yg boleh diupload : txt,php,jpg,dll


kalo udah berhasil upload file, cari file sobat disini:

http://www.site.com/files/filesobat

Begitu aja yah, udah ngantuk banget :( moga bermafaat aja :D kalo ga ngerti harap dimaklumi :p

Content Creator : Onix AQua
By di
Label:

12 comments:

  1. AnonymousMay 28, 2013 at 11:13 PM

    IDCACAD

    ReplyDelete
    Replies
    1. Onix AQuaMay 29, 2013 at 12:28 AM

      udah, mimik cucu dulu cana,,, :-d

      Delete
    2. M. Ilham SyaputraMay 29, 2013 at 5:06 AM

      Bocah labil itu min. Biasa, ga bisa liat orang lebih jago dari dia :v

      Delete
    3. Galuh Putra PerdanaMay 29, 2013 at 8:41 AM

      iya om onix, BoLab itu, Bocaah Labill :v =))

      Delete
    4. Problem ChildMay 29, 2013 at 5:27 PM

      Jangan2 si "....." nih. o.O

      Delete
    5. BimoMay 29, 2013 at 5:31 PM

      hattori iya kayaknya si ..... :-b

      Delete
    6. UnknownJune 1, 2013 at 1:09 AM

      DDOS aja kompi ni bocah :-t
      biar ancur kaga rusuh lagi (m)

      Delete
  2. UnknownMay 29, 2013 at 1:24 AM

    This comment has been removed by the author.

    ReplyDelete
  3. UnknownMay 29, 2013 at 6:53 PM

    Kalo formatnya bisanya gif, png, jpg, ama jpeg doang gimana min?

    ReplyDelete
  4. Manuel FebriJune 5, 2013 at 5:00 AM

    @atas pakek tampar data sob!

    ReplyDelete
  5. ADMINJune 24, 2013 at 9:51 PM

    kegunaannya untuk apa ne ggan

    ReplyDelete
  6. Rijal ImnidaNovember 10, 2013 at 3:03 PM

    upload shell bisa gk om? :-d

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)