Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!

Show-Off Tutorial Deface POC KCFinder + Tutorial

SecretHere

Private
DFM Member
Joined
Nov 26, 2021
Messages
5
Reaction score
29
DragonCoin
1,278
Bahan2
1 . pc / phone
2 . internet / wifi
3 . Dork
4 . Exploit
5 . script deface ext:(shtml)
6 . kopi :v

Live Target ==>
Live Target

inurl:/asset/kcfinder/sites/all/modules/civicrm/packages/kcfinder
inurl:templates/_editor/kcfinder/
inurl:includes/kcfinder/browse.php
inurl:/kcfinder/browse.php
inurl:/lib/kcfinder/files/upload
inurl:/admin/kcfinder/files/upload
inurl:/panel/kcfinder/upload/files
inurl:/editor/kcfinder/upload
inurl:/Kcfinder/upload/files
inurl:/panel/kcfinder/

1 . Dorking Di Google Atau Menggunakan Live Target Di Atas .
Screenshot_20211205-002358.png
2 . Kita Upload Script Deface EXT:(shtml)
Screenshot_20211205-002647.png
Macam mana nak akses ?
macamni :
http://localhost/path/upload/files/namasc.shtml
Screenshot_20211205-002830.png
Tadaa !! Sudah kedeface :v
Sekian .

Tidak Faham ?
Contact Me Sir

- Sekian -
FOR EDUCATION PURPOSE ONLY !!
 
Last edited by a moderator:

Braderlala

Warrant Officer I
DFM Member
Joined
Jun 6, 2021
Messages
82
Reaction score
1,655
DragonCoin
5,419
Bahan2
1 . pc / phone
2 . internet / wifi
3 . Dork
4 . Exploit
5 . script deface ext:(shtml)
6 . kopi :v

Live Target ==>
Live Target

1 . Dorking Di Google Atau Menggunakan Live Target Di Atas .
View attachment 16011
2 . Kita Upload Script Deface EXT:(shtml)
View attachment 16012
Macam mana nak akses ?
macamni :
http://localhost/path/upload/files/namasc.shtml
View attachment 16013
Tadaa !! Sudah kedeface :v
Sekian .

Tidak Faham ?
Contact Me Sir

- Sekian -
FOR EDUCATION PURPOSE ONLY !!
nice sharing

"Saya Budak Baru Belajar, Kalau Salah Tolong Tunjukkan"
``https://tryhackme.com/p/Braderlala``

Braderlala.png
 

SecretHere

Private
DFM Member
Joined
Nov 26, 2021
Messages
5
Reaction score
29
DragonCoin
1,278
[ ? ] Boleh sertakan sekali pakai dork apa?

[ - ] Kalau boleh jangan bubuh number phone sendiri
Dork :
inurl:/asset/kcfinder/sites/all/modules/civicrm/packages/kcfinder
inurl:templates/_editor/kcfinder/
inurl:includes/kcfinder/browse.php
inurl:/kcfinder/browse.php
inurl:/lib/kcfinder/files/upload
inurl:/admin/kcfinder/files/upload
inurl:/panel/kcfinder/upload/files
inurl:/editor/kcfinder/upload
inurl:/Kcfinder/upload/files
inurl:/panel/kcfinder/

maaf ye lupa letak .
 

Craglitch

Warrant Officer I
DFM Member
Joined
Oct 29, 2021
Messages
398
Reaction score
1,662
DragonCoin
5,271
Eagle
Bahan2
1 . pc / phone
2 . internet / wifi
3 . Dork
4 . Exploit
5 . script deface ext:(shtml)
6 . kopi :v

Live Target ==>
Live Target

1 . Dorking Di Google Atau Menggunakan Live Target Di Atas .
View attachment 16011
2 . Kita Upload Script Deface EXT:(shtml)
View attachment 16012
Macam mana nak akses ?
macamni :
http://localhost/path/upload/files/namasc.shtml
View attachment 16013
Tadaa !! Sudah kedeface :v
Sekian .

Tidak Faham ?
Contact Me Sir

- Sekian -
FOR EDUCATION PURPOSE ONLY !!
Mantap bang btw tu site kerajaan bangladesh ;-;
 

BlackyGuy

Major
Bawang Rangers
Joined
Sep 29, 2021
Messages
823
Reaction score
3,863
DragonCoin
1,240,190
Eagle
Bahan2
1 . pc / phone
2 . internet / wifi
3 . Dork
4 . Exploit
5 . script deface ext:(shtml)
6 . kopi :v

Live Target ==>
Live Target

inurl:/asset/kcfinder/sites/all/modules/civicrm/packages/kcfinder
inurl:templates/_editor/kcfinder/
inurl:includes/kcfinder/browse.php
inurl:/kcfinder/browse.php
inurl:/lib/kcfinder/files/upload
inurl:/admin/kcfinder/files/upload
inurl:/panel/kcfinder/upload/files
inurl:/editor/kcfinder/upload
inurl:/Kcfinder/upload/files
inurl:/panel/kcfinder/

1 . Dorking Di Google Atau Menggunakan Live Target Di Atas .
View attachment 16011
2 . Kita Upload Script Deface EXT:(shtml)
View attachment 16012
Macam mana nak akses ?
macamni :
http://localhost/path/upload/files/namasc.shtml
View attachment 16013
Tadaa !! Sudah kedeface :v
Sekian .

Tidak Faham ?
Contact Me Sir

- Sekian -
FOR EDUCATION PURPOSE ONLY !!
nice tutorial thank you secret
 
Last edited:

Jaring

Jaring Was Here
DFM Hackers
Joined
Jun 28, 2021
Messages
1,637
Reaction score
5,339
DragonCoin
5,532
Mac OS
iOS
Microsoft Windows
Android

lu21n

Lieutenant
DFM Hackers
Joined
Jun 8, 2021
Messages
530
Reaction score
2,844
DragonCoin
67,076
Eagle
Frost Dragon
Ducati Panigale V4 R

SoloHere

Staff Sargent
DFM Member
Joined
Jun 5, 2021
Messages
337
Reaction score
926
DragonCoin
2,678
Laptop 1 Malaysia, Laptop legend Hacker 2010-now
Apple Macbook Pro 13
Apple iPhone 13 Pro
iPad Pro
Apple TV
Bahan2
1 . pc / phone
2 . internet / wifi
3 . Dork
4 . Exploit
5 . script deface ext:(shtml)
6 . kopi :v

Live Target ==>
Live Target

inurl:/asset/kcfinder/sites/all/modules/civicrm/packages/kcfinder
inurl:templates/_editor/kcfinder/
inurl:includes/kcfinder/browse.php
inurl:/kcfinder/browse.php
inurl:/lib/kcfinder/files/upload
inurl:/admin/kcfinder/files/upload
inurl:/panel/kcfinder/upload/files
inurl:/editor/kcfinder/upload
inurl:/Kcfinder/upload/files
inurl:/panel/kcfinder/

1 . Dorking Di Google Atau Menggunakan Live Target Di Atas .
View attachment 16011
2 . Kita Upload Script Deface EXT:(shtml)
View attachment 16012
Macam mana nak akses ?
macamni :
http://localhost/path/upload/files/namasc.shtml
View attachment 16013
Tadaa !! Sudah kedeface :v
Sekian .

Tidak Faham ?
Contact Me Sir

- Sekian -
FOR EDUCATION PURPOSE ONLY !!
Maap mencelah ...
Jangan gunakan nama saya ye tanpa bertanya kebenaran pada saya 😅
 
Top