Registration Pegawai Vulnerability Upload

2018.02.10

Anonymous (ID)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

***************************************************
# Exploit Title: Registration Pegawai Vulnerability Upload
# Google Dork:
intext:"Registrasi Pegawai" ext:php
inurl:registrasi.php intext:"Registrasi Pegawai"
Etc.
# Exploit: /registrasi.php
# Date: 07/02/2018
# Author: Gord1
# Team: Our Struggle Team
# Tested on: Kali linux - Android 5.1.1
***************************************************
Proof of Concept :
[+] Search the dork in Google
[+] Open target
[+] Registration and upload your shell in profil picture.
[+] Login with your NIP and Password
[+] Call your shell in profile picture
[+] You shell usually in directory /images_peg/
[+] Use your brain its easy :c
[+] Done.

Example : http://ayamgeprekbebas.com/

Greetz my friend : xfc0re - S3ctor Cr3w 

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Registration Pegawai Vulnerability Upload

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.