Local File Inclusion ———————————————- Normal Request: We can download another file with change the value on filename parameter and we can send this request without login. Example: Add User Account with Admin Privilege without Login ———————————————- We can create user and give admin privilege to user which we have made without login. Because this app […]

EternalBlue dapat digunakan untuk melakukan eksploitasi pada layanan Server Message Block (SMB) tanpa membutuhkan proses otentikasi. Kemudian ditambah dengan menggunakan DoublePulsar untuk mengirim sekaligus mengeksekusi malicious Dynamic-Link Libraries (DLL) atau raw shellcode pada komputer korban. Berikut contoh percobaan eksploitasi pada layanan Server Message Block (SMB) menggunakan EternalBlue dan DoublePulsar. Percobaan ini dilakukan dengan membuat malicious […]

Iseng nge-lab lagi, fill the free time! Download here Hackfest 2016 Orcus Nmap Scanning the web with nikto OK first I’m interested with admin directory, let’s check it out! Hmm.. just like that, try to check backups directory I try to download this file “SimplePHPQuiz-Backupz.tar.gz” for find some information.. Yupp I found user and password […]

Description: Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. https://www.owasp.org/index.php/Command_Injection Vulnerable Menu: Tools – Ping Proof of Concept: POST /u/jsp/tools/exec.jsp HTTP/1.1 Host: 192.168.0.13:8081 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:18.0) Gecko/20100101 Firefox/18.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, […]