[Tutorial] Deface Guestbook

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
x-bo
Posts: 11
Joined: Wed Feb 10, 2010 8:50 am

Re: [Tutorial] Deface Guestbook

Post by x-bo » Wed Feb 10, 2010 11:45 am

wkwkwkw...
it's very simple.. wkwkkwkw
thx 4 share kk

bluejacket
Posts: 4
Joined: Thu Feb 11, 2010 6:07 pm

Re: [Tutorial] Deface Guestbook

Post by bluejacket » Fri Feb 12, 2010 9:31 pm

gw jg udah sukses.....
niceo tutor.....

User avatar
djogja30
Posts: 111
Joined: Wed Jul 30, 2008 8:48 pm
Location: CGK 1
Contact:

Re: [Tutorial] Deface Guestbook

Post by djogja30 » Sat Feb 13, 2010 3:43 am

masih bisa, om!
::http://www.witch-films.de/system-cgi/guestbook/guestbook.php::
Sssttt..

Zinthink
Posts: 6
Joined: Wed Aug 06, 2008 8:40 pm

Re: [Tutorial] Deface Guestbook

Post by Zinthink » Wed Feb 17, 2010 10:05 pm

yup trims buat pembelajarannya ..

so aku ngikut yaaa

http://www.marvinspartyteam.de/system-c ... stbook.php

User avatar
Bi4kKob4r
Posts: 254
Joined: Sat Jul 21, 2007 11:45 am
Location: Bi4kKob4r~root : ls..
Contact:

Re: [Tutorial] Deface Guestbook

Post by Bi4kKob4r » Thu Feb 18, 2010 2:32 pm

Pencegahannya

Nah, karena ini bugs JADUL [JAMAN SIDUL] jangan ampe anak INDO masih bikin bugs yang ginian.

Caranya dengan memfilter inputan dari user, misalnya kayak gini :

Code: Select all

trim(htmlentities($_POST['nama']));
trim(htmlentities($_POST['komentar']));
ATAU :

Code: Select all

trim(strip_tags($_POST['nama']));
trim(strip_tags($_POST['komentar']));
apa bedanya??

kalo pake htmlentities itu akan menjadikan script HTML yang dimasukkan menjadi text biasa (Tidak dibaca sebagai script HTML).
kalo strip_tags itu untuk menghapus script HTML yang dimasukkan.

jadi bedanya, kalo pake htmlentities itu script HTML yang dimasukkan akan tetap kelihatan pada halaman view posting, tapi kalo strip_tags itu akan otomatis dihapus.

kalo pengen lebih jelasnya tanya ma si "OM" terus baca deskripsi lengkapnya.

:tapa: :tapa: :tapa: :tapa:
I think just : Make better than the best

Life is Love,
Love is Feeling,
Feeling is your heart,
Heart Controlling By your brain.

Always INject your brain with the greatest knowledges.

nagacuilik
Posts: 25
Joined: Tue May 12, 2009 4:54 pm

Re: [Tutorial] Deface Guestbook

Post by nagacuilik » Sat Feb 20, 2010 9:55 am

huaaaaaa, kaya'a tinggal saya doang nih yang gak bisa :omg:

suhu, saya sudah search di mbah google kan ada tuh, nah pas nyari yang ada kata" HTML-Code ist eingeschaltet ternyata tidak ada :mati:

mohon pencerahannya suhu :kaca: :kaca: :kaca:

flashdisk
Posts: 13
Joined: Mon Mar 01, 2010 9:27 pm
Location: jawatengah
Contact:

Re: [Tutorial] Deface Guestbook

Post by flashdisk » Wed Mar 03, 2010 6:10 am

mantap...
udah trik jdul tp masih wokeh...
:licik:
I love u all

YaDoY666
Posts: 49
Joined: Fri Mar 30, 2007 10:22 am
Location: C:\Windows\System32
Contact:

Re: [Tutorial] Deface Guestbook

Post by YaDoY666 » Wed Mar 03, 2010 1:27 pm

huehuehuehue.... masih ada yah guestbook yg bisa di inject make html. Trik ini dah lama padahal, dah ada sejak bokap gw masih jadi preman... ^_^
ANTI NATO ( NO ACTION TALK ONLY )


http://yadoy666.serverisdown.org

fandyst
Posts: 48
Joined: Wed Jan 13, 2010 8:15 am
Location: PKL City
Contact:

Re: [Tutorial] Deface Guestbook

Post by fandyst » Wed Mar 03, 2010 4:56 pm

Berhasil gan...
Cuman artinya "Deface" apaan ya ??? Maklum newbie bgt sih...????
Saya hanyalah seorang newbie yang sedang ingin
belajar dan terus belajar agar mencapai target saya
bahkan melebihinya.

ccont80
Posts: 8
Joined: Sun Feb 21, 2010 12:54 am

Re: [Tutorial] Deface Guestbook

Post by ccont80 » Wed Mar 03, 2010 5:02 pm


Post Reply

Return to “Web Hacking”