How to Deface with the Slims CMS Senayan Arbitrary File Upload Vulnerability Exploit – This time I'll share a defacement method that seems to be popular right now. I often see sites hacked with this exploit show up on the Zone-H mirror. Yup, we're going to discuss how to deface with the Slims CMS Senayan Arbitrary File Upload Vulnerability exploit.
Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability
#Exploit Title : Slims CMS Senayan OpenSource Library Management System The Winner in the Category of OSS Indonesia ICT Award 2009 Arbitrary File Upload Vulnerability and Auto Exploiter
#Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Team
#Vendor Homepage : slims.web.id
#Software Download Link : github.com/slims/ * slims.web.id/web/ * slims.web.id/goslims/
#Date : 28/05/2018
#Affected Version : 5/6/7
#Tested on : Windows / Linux
#Exploit Risk : High
Okay, here are some dorks that can be used. Feel free to develop your own.
#Google Dork 1 : intext:''The Winner in the Category of OSS Indonesia ICT Award 2009''
#Google Dork 2 : inurl:''index.php?p=show_detail&id='' site:id
#Google Dork 3 : inurl:''/slims5-meranti/'' site:id
#Google Dork 4 : intext:This software and this template are released Under GNU GPL License Version 3. The Winner in the Category of OSS Indonesia ICT Award 2009''
#Google Dork 5 : Powered by SLiMS site:id
#Google Dork 6 : Powered by SLiMS | Design by Indra Sutriadi Pipii
#Google Dork 7 : Beranda Depan · Info Perpustakaan · Area Anggota · Pustakawan · Bantuan Pencarian · MASUK Pustakawan.
#Google Dork 8 : Akses Katalog Publik Daring - Gunakan fasilitas pencarian untuk mempercepat penemuan data katalog.
#Google Dork 9 : SLiMS (Senayan Library Management System) is an open source Library Management System. It is build on Open source technology like PHP and MySQL.
#Google Dork 10 : PERPUSTAKAAN - Web Online Public Access Catalog - Use the search options to find documents quickly This software and this template are released Under GNU GPL License Version 3
#Google Dork 11 : inurl:''/index.php?select_lang='' site:sch.id
#Google Dork 12 : Web Online Public Access Catalog - Gunakan fasilitas pencarian untuk mempercepat anda menemukan data katalog
#Google Dork 13 : Welcome To Senayan Library's Online Public Access Catalog (OPAC). Use OPAC to search collection in our library.
#Google Dork 14 : O.P.A.C. (On-line Public Access Catalogue)
#Google Dork 15 : inurl:''/perpustakaan/repository/'' site:id
#Google Dork 16 : Senayan | Open Source Library Management System :: OPAC
The vulnerability is here:
/admin/modules/bibliography/pop_attach.php
Example:
http://www.thaiabc.com/senayan/admin/modules/bibliography/pop_attach.php
Upload a file with a txt, jpg, gif or png extension.
The uploaded file can then be accessed at (namafile = the file name):
/repository/namafile
Example:
http://www.thaiabc.com/senayan/repository/hello.png
Okay, that's probably all for this tutorial; hope it's useful.
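For administrators of a SLiMS server, the two paths named above are enough for a basic log review. The following is an added example, not part of the original post or the SLiMS project: it scans access-log lines for POST requests to pop_attach.php and for later /repository/ requests from the same client. The combined log format, the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache/nginx combined log format (not real traffic;
# client addresses are from the documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [28/May/2018:10:01:02 +0700] "GET /index.php?p=show_detail&id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [28/May/2018:10:01:40 +0700] "POST /senayan/admin/modules/bibliography/pop_attach.php HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.7 - - [28/May/2018:10:01:55 +0700] "GET /senayan/repository/hello.png HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
198.51.100.9 - - [28/May/2018:10:05:00 +0700] "GET /senayan/repository/report.pdf HTTP/1.1" 200 99000 "-" "Mozilla/5.0"
198.51.100.20 - - [28/May/2018:10:07:11 +0700] "POST /senayan/admin/modules/bibliography/pop_attach.php HTTP/1.1" 302 0 "-" "curl/7.58.0"
"""

# client, timestamp, method, request URI, status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
UPLOAD_PATH = "/admin/modules/bibliography/pop_attach.php"  # path named in the post
REPO_RE = re.compile(r"/repository/([^/?#]+)")              # upload location named in the post


def find_upload_activity(log_text):
    """Flag POSTs to the attachment handler and later repository hits by the same client.

    Lines are assumed to be in chronological order, as in a normal access log.
    The HTTP status is kept so the reviewer can tell served requests from redirects.
    """
    uploaders = defaultdict(list)  # client IP -> timestamps of POSTs to pop_attach.php
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, ts, method, uri, status = m.groups()
        path = uri.split("?", 1)[0]
        if method == "POST" and path.endswith(UPLOAD_PATH):
            uploaders[ip].append(ts)
            findings.append({"type": "upload_post", "ip": ip, "time": ts,
                             "status": int(status)})
            continue
        repo = REPO_RE.search(path)
        if repo and ip in uploaders:
            findings.append({"type": "repository_fetch_after_upload", "ip": ip,
                             "time": ts, "file": repo.group(1), "status": int(status)})
    return findings


if __name__ == "__main__":
    for finding in find_upload_activity(SAMPLE_LOG):
        print(finding)
```

Each `upload_post` finding is worth comparing against the list of librarian accounts and their usual source addresses, and each flagged file against the attachments recorded in the catalogue.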
Can you upload a shell or not?
Don't know, bro
Yes, you can. Just try tampering with it using Tamper Data
Wow… There's a Zero Two picture… Nice, bro