• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Bypass Disabled Functions on LiteSpeed Server

June 1, 2014 by Jack Wilder 6 Comments

Iseng iseng nyoba nanem shell di web sendiri. Gak ngapa ngapain sih . Ngetes aja. Kebetulan pake server LitleSpeed. Nah, pada tau kan pasti Disabled Function nya banyak banget. Symlink gak bisa, config gak bisa, upload shell yang di encrypt gak bisa, dll.

Contohnya, liat ss dibawah ini :

Nah, itu bisa di bypass. Simpel kok.
Cukup kalian buat file .htacces di public_html dan isikan dengan kode berikut
<Files *.php>
  ForceType application/x-httpd-php4
</Files>

Refresh backdoor kalian dan..

Hahh…
Server bypassed. 😉

Simpel kan. Sekian dan semoga bermanfaat. 😀

Filed Under: Uncategorized Tagged With: Hacking, How To

Reader Interactions

Comments

  1. Anonim says

    July 9, 2014 at 12:27 am

    thanks

    Reply
  2. Jasa Rekber Terpercaya says

    July 31, 2016 at 7:52 am

    positif dapat meningkatkan kemanan server thanks mas

    Reply
  3. budhi budhek says

    April 10, 2017 at 2:25 am

    anjing

    Reply
  4. Anonymous says

    January 6, 2019 at 7:00 pm

    Mau Tanya , Kenapa pas dibuat malah web ga bisa diakses langsung blank gitu ?

    Reply
  5. Pesulap says

    October 13, 2021 at 11:30 am

    Artikelnya kurang jhelas bang tolong di perbaiki

    Reply
  6. Hilya says

    November 2, 2021 at 6:26 am

    Agak kesulitan sih ngeliat gambarnya, tapi ya… cukup okelah!

    #Mampir bang! https://tinyurl.com/Multi-Parallel-Pro

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Deteksi Celah No Redirect pada Suatu Situs menggunakan cURL

Exploit WordPress Ajax Load More PHP Upload Vulnerability

Cara Deface dengan Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability

Zendesk Custom Domain or Subdomain Takeover

Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability

Tool Deface Opencart Bruteforce and Upload Image

RCE pada Redis via Master-Slave Replication

FCKeditor Bypass Shell Upload With Burp Suite Intercept

WordPress Plugin CopySafe PDF Protection Shell Upload

Tumblr Custom Domain or Subdomain Takeover

LinuxSec / 10 queries in 0.09 seconds