Posted by : DUHK
Wednesday, December 23, 2020
[•]Deface jQuery file upload [•]
Time: Thursday, 24 December
Author: HdID
Type: deface & xploiting
#################
Dork:
-"jQuery file Upload Demo jQuery file Upload"
-inurl: server/php/
Xploit: /server/php/
Vuln?: {"files":[]}
Online CSRF tool: search for it on Google
#############################
1. Dork first.
2. Once you have found a site, append the exploit path, for example (cominiweb.com/jQuery-file-upload/server/php). If it is vulnerable, {"files":[]} will appear, but that does not necessarily mean you can upload a file!
3. Open the CSRF tool, enter the site, then set the post file field to ( files[] )
4. Then upload your script/shell.
5. To access it, just add the path after the site, for example /files/sc.php
OK, got it? Thanks for stopping by.
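A defender-side check for the request sequence in the steps above, as an added example that is not part of the original post: it scans web access logs for a POST to the /server/php/ handler followed by a request for a PHP file under its files/ directory. The log lines are constructed, and the /server/php/files/ location and the function names are assumptions.

```python
import re

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Dec/2020:10:01:02 +0000] "GET /jQuery-file-upload/server/php/ HTTP/1.1" 200 12 "-" "curl/7.68"
203.0.113.7 - - [23/Dec/2020:10:01:40 +0000] "POST /jQuery-file-upload/server/php/ HTTP/1.1" 200 310 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Dec/2020:10:02:05 +0000] "GET /jQuery-file-upload/server/php/files/sc.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [23/Dec/2020:10:03:00 +0000] "GET /jQuery-file-upload/server/php/files/photo.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
198.51.100.9 - - [23/Dec/2020:10:04:00 +0000] "POST /contact.php HTTP/1.1" 200 99 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Assumption: the handler is .../server/php/ and uploads land in .../server/php/files/.
ENDPOINT = re.compile(r"/server/php/?(?:index\.php)?$", re.I)
SCRIPT = re.compile(r"/server/php/files/[^/]+\.(?:php\d?|phtml|phar)$", re.I)

def classify(line):
    """Return (ip, kind, path, status) for a relevant request, else None."""
    m = LINE.match(line)
    if not m:
        return None
    ip, method, target, status = m.groups()
    path = target.split("?", 1)[0]  # ignore the query string
    if SCRIPT.search(path):
        return (ip, "script-in-upload-dir", path, int(status))
    if ENDPOINT.search(path):
        kind = "upload-post" if method == "POST" else "endpoint-probe"
        return (ip, kind, path, int(status))
    return None

def find_upload_abuse(log_text):
    """Return (events, confirmed): confirmed = IPs that POSTed, then got a script with 200."""
    events, posted, confirmed = [], set(), set()
    for line in log_text.splitlines():
        ev = classify(line)
        if ev is None:
            continue
        events.append(ev)
        ip, kind, _path, status = ev
        if kind == "upload-post" and 200 <= status < 300:
            posted.add(ip)
        elif kind == "script-in-upload-dir" and status == 200 and ip in posted:
            confirmed.add(ip)
    return events, confirmed

if __name__ == "__main__":
    events, confirmed = find_upload_abuse(SAMPLE_LOG)
    print(*events, "confirmed: %s" % sorted(confirmed), sep="\n")
```

Any `script-in-upload-dir` event answered with 200 deserves review even without a matching POST from the same address, since the upload and the later request can come from different clients.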
