LinuxSec Exploit

Exploit Chiangraientersoft HTML Injection

October 6, 2013 by Jack Wilder 3 Comments

Let's get straight to it. This is an exploit I read about last night on the Newbie-Sec forum.
Google Dork:
inurl:Qread.php?id_ques=
inurl:webboard/Qread.php?id_ques=
Vulnerable at ‘Qform.php’, in the Subject/Title field

Steps:
First, use the dork to find a vulnerable target.
As an example, my target is: http://www.friends-inter.com/webboard/Qread.php?id_ques=16
Change the URL to:
http://www.friends-inter.com/webboard/Qform.php
There is a form that has to be filled in:
Fill the Subject field (the topmost one) with HTML code.
Fill the other fields with anything, except the captcha code at the very bottom.

And the result shows up on the board's index 😉
http://www.friends-inter.com/webboard/
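
The behaviour described above is stored HTML injection: the Subject value accepted by the form is later written into the board index without output encoding. As an added example (not code from this post or from the application, whose source is not shown here; the function names and the sample subject are assumptions), this PHP code puts the unsafe rendering pattern beside the encoded one, plus an input-side check:

```php
<?php
// Hypothetical reconstruction for illustration; the real Qform.php and index
// code are not shown on the page.

// Constructed sample: a stored subject that contains markup.
$storedSubject = '<h1>injected heading</h1>';

// Unsafe pattern: the stored subject is concatenated into the page as-is,
// so the browser parses it as HTML.
function renderTopicUnsafe(string $subject): string
{
    return '<li class="topic">' . $subject . '</li>';
}

// Hardened pattern: encode at output time so the subject is shown as text.
// ENT_QUOTES also covers attribute contexts; ENT_SUBSTITUTE replaces invalid
// byte sequences instead of returning an empty string.
function renderTopicSafe(string $subject): string
{
    $encoded = htmlspecialchars($subject, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<li class="topic">' . $encoded . '</li>';
}

// Input-side check (defence in depth, not a substitute for encoding):
// reject empty, over-long, or control-character subjects before storing.
function validateSubject(string $subject): ?string
{
    $subject = trim($subject);
    if ($subject === '' || strlen($subject) > 120) {   // length in bytes
        return null;
    }
    if (preg_match('/[\x00-\x1F\x7F]/', $subject)) {
        return null;
    }
    return $subject;
}

echo renderTopicUnsafe($storedSubject), PHP_EOL;
echo renderTopicSafe($storedSubject), PHP_EOL;
var_dump(validateSubject("  Question about shipping  "));
var_dump(validateSubject("bad\x00subject"));
```

Encoding belongs at every place the subject is printed (the index, the thread view, any feed), because the value is stored once and rendered many times.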

That's all for this tutorial, hopefully it is useful.
Thanks to:
Newbie-Security

Comments

  1. cak oni says

    October 7, 2013 at 8:14 am

    Maybe it could be tried on that website from earlier, kang, the one at school 😀

  2. cara mengobati kelenjar tiroid says

    October 9, 2013 at 6:24 am

    Wow, the result is really cool

  3. obat gondok says

    October 9, 2013 at 6:24 am

    Going to try it right away
