API tools faq
paste
Advertisement
Kyfx

customupload.html sql injection

Kyfx
Dec 20th, 2015
688
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.93 KB | None | 0 0
raw download clone embed print report
  1. Vuln 1:- Upload Shell Vulnerability ...
  2.  
  3. Google Dork:- inurl:customupload.html
  4.  
  5.  
  6.  
  7.  
  8.  
  9. Nanti keluar banyak result dan korang masukkan poc dibawah ni dibelakang site..
  10.  
  11.  
  12.  
  13. Poc:- fileupload.html
  14.  
  15.  
  16.  
  17. Contoh :- http://www.copyplusus.com/fileupload.html dan akan keluar form untuk diisi.Upload shell korang dengan nama SHELL.PHP.Untuk mencari shell yg telah anda upload boleh lihat di directory /fileuploads/ atau lain :) .
  18.  
  19.  
  20.  
  21. Vuln 2:-Sqli Injection Vulnerability to get admin access
  22.  
  23. Google Dork:- inurl:customupload.html
  24.  
  25.  
  26.  
  27. Korang pilih je mane-mane site dan akan keluar link seperti dibawah ini ...
  28.  
  29.  
  30.  
  31. Contoh:- http://www.choiceprintings.com/customupload.html?category=5' .. dan akan mengeluarka error . Run havij atau tool lain dan masukkan link ni ;)
  32.  
  33.  
  34.  
  35. Admin login page default:- Administrator
  36.  
  37.  
  38.  
  39. Live site:-
  40.  
  41.  
  42.  
  43. http://www.choiceprintings.com/fileupload.html
  44.  
  45. http://www.copyplusus.com/fileupload.html
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!