Teknik Web Jumping Attack

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya
Post Reply
th3r00t
Posts: 20
Joined: Sat Jun 13, 2009 12:27 pm
Location: Bandung, Jawa Barat
Contact:
Contact th3r00t

Teknik Web Jumping Attack

Post by th3r00t » Sat Jun 13, 2009 4:41 pm

Hihihihi, pasti yang sering maen deface udah pada tau trik yang gampang ini..
Kebutuhan :
- Backdoor c99/r57 PHP
- Kesabaran yang Cukup
- Hosting yang ada "hole" nya
- Kopi Susu + Ceremix :lol:

1. Langsung aja, ingat2 URL target (harus banget.. wakakka) terus cari site yang satu webserver, dengan paste URL tersebut di http://www.antihackerlink.or.id/ip2host (toolsnya om flexus)
2. Klik "Fcuk Them" (Ini disengaja ato enggak gw gak tau.. :lol: )
3. Brettt... muncul banyak URL.... Cari vuln. diantara web tersebut, atau tinggal pakai script perl ini untuk mencari joomla versi lama (script mohon di edit sendiri karena saya lupa lagi :lol: )
4. Kalau misal anda nemu vuln. nya, tinggal anda upload itu backdoor
5. Akses backdoor, terus misalnya bisa masuk ke dir /home
6. Anda cari URL yang mewakili target, contoh http://www.hackthis.net
cari /home/hackthis
7. Tinggal anda tanam backdoor lagi disana atau sisanya terserah anda :D

Sorry kalo misal'a trik ini gak ada guna atau ada yang kurang, tinggal comment saja disini :)
*Update untuk mencari site yang satu webserver pakai disini

http://www.yougetsignal.com/tools/web-s ... eb-server/

makasih atas perhatian'a :D
Last edited by th3r00t on Wed Jun 24, 2009 7:54 am, edited 1 time in total.
Salam kenal dari seorang nyubie,
www.c0mrade.co.cc | www.c0mr4d3.uni.cc
Top
User avatar
hackerku
Posts: 61
Joined: Tue Aug 21, 2007 2:49 pm
Location: _ROOT\Drive\shell\
Contact:
Contact hackerku

Re: Teknik Web Jumping Attack

Post by hackerku » Sat Jun 13, 2009 5:03 pm

Ok Master :)
Image
Www.H4ck3rku.Com|Www.Serverisdown.org|Www.Yogyafree.net|Www.Borneo.Darkbb.Com=>
Top
User avatar
bernadsatriani
Posts: 71
Joined: Sat Jan 17, 2009 5:23 am
Location: localhost
Contact:
Contact bernadsatriani

Re: Teknik Web Jumping Attack

Post by bernadsatriani » Sat Jun 13, 2009 6:28 pm

wedew..
itu khusus upload backdoor di joomla ya oom ?
:?:
Top
th3r00t
Posts: 20
Joined: Sat Jun 13, 2009 12:27 pm
Location: Bandung, Jawa Barat
Contact:
Contact th3r00t

Re: Teknik Web Jumping Attack

Post by th3r00t » Sat Jun 13, 2009 7:47 pm

@h4ck3rku

bukannya om yang udah master :D

@bernadsatriani

skrip perl nya buat cari joomla diantara url yang banyak di ip2hostnya.. bukannya juga om udah master :)
Salam kenal dari seorang nyubie,
www.c0mrade.co.cc | www.c0mr4d3.uni.cc
Top
N4ck0
Posts: 65
Joined: Tue Mar 03, 2009 9:57 pm
Location: Under
Contact:
Contact N4ck0

Re: Teknik Web Jumping Attack

Post by N4ck0 » Sat Jun 13, 2009 10:19 pm

nice share kk
dicoba sekarang
Top
User avatar
bernadsatriani
Posts: 71
Joined: Sat Jan 17, 2009 5:23 am
Location: localhost
Contact:
Contact bernadsatriani

Re: Teknik Web Jumping Attack

Post by bernadsatriani » Sun Jun 14, 2009 9:33 am

ajarin dunk caranya kk...
:oops:
Top
User avatar
Bi4kKob4r
Posts: 254
Joined: Sat Jul 21, 2007 11:45 am
Location: Bi4kKob4r~root : ls..
Contact:
Contact Bi4kKob4r

Re: Teknik Web Jumping Attack

Post by Bi4kKob4r » Sun Jun 14, 2009 2:27 pm

good job bro :D

langsung dah kalo gitu...
emang joomla user harus segera dipaksa migrasi ke versi terbaru...

biar ga pada ke dipace :D :D :D :D
I think just : Make better than the best

Life is Love,
Love is Feeling,
Feeling is your heart,
Heart Controlling By your brain.

Always INject your brain with the greatest knowledges.
Top
User avatar
kebumen123
Posts: 3
Joined: Fri Nov 02, 2007 2:52 pm
Location: C:\windows\system32
Contact:
Contact kebumen123

Re: Teknik Web Jumping Attack

Post by kebumen123 » Sun Jun 14, 2009 4:40 pm

Work For me Bozzzz,,, :P :P :mrgreen:
Image
Get Linux Free On Here Or In Here
Update Rapidshare AccounTTT cepet!!!!! !Rapidshare Account Free And Legal!
Top
th3r00t
Posts: 20
Joined: Sat Jun 13, 2009 12:27 pm
Location: Bandung, Jawa Barat
Contact:
Contact th3r00t

Re: Teknik Web Jumping Attack

Post by th3r00t » Mon Jun 15, 2009 4:51 pm

@n4ck0

sepp.. moga berhasil :D

@om bernadsatriani

waw.. master merendah :D

@Bi4kKob4r

iya bener juga om. kalo joomla harus cepet2 update, apalagi dari yang 1.5.1 yang banyak bugnya :D

@kebumen123

seep kalo gitu om :D
Salam kenal dari seorang nyubie,
www.c0mrade.co.cc | www.c0mr4d3.uni.cc
Top
User avatar
hackerku
Posts: 61
Joined: Tue Aug 21, 2007 2:49 pm
Location: _ROOT\Drive\shell\
Contact:
Contact hackerku

Re: Teknik Web Jumping Attack

Post by hackerku » Mon Jun 15, 2009 5:00 pm

Naah Ini patch Bug joomla V 1.5.1 nya yak... :oops:

- Buka file reset.php
- Letaknya di folder /components/com_user/models/ > klo ga salah
- Cari kode “global $mainframe“
- Tambahkan Code ini di bawahnya

Code: Select all

if(strlen($token) != 32) {
$this->setError(JText::_(’INVALID_TOKEN’));
return false;
}
- Kalo males, Copy reset.php di Version Joomla Terbaru :mrgreen: :mrgreen: :mrgreen:

Kinds regards,
Image
Www.H4ck3rku.Com|Www.Serverisdown.org|Www.Yogyafree.net|Www.Borneo.Darkbb.Com=>
Top
Post Reply

Return to “Web Hacking”