tutorial

Responsive FileManager ( RFM ) Inject Filename Upload Shell + Live Target !

VxSee7
by VxSee7 February 22, 2020

=====================================

Oke kali ini gw mau ngasi tau temuan celah terbaru di plugin rfm / Responsive FileManager.
Buat kalian yg dulu deface rfm cuma bisa upload script html doang, skrng ada cara upload shell php nya nih. Oke langsung aja ke tutorialnya...

=====================================

DORK : inurl:/filemanager

=====================================

EXPLOIT :

  • /filemanager/dialog.php
  • bypass atau ubah ekstensi shell dari namashell.php ke namashell.php<?.html


 =====================================

 LANGKAH - LANGKAH :

  • Dorking dulu dan pilih salah satu target.
  • Live Target : https://www.gem.clinic/template/admin/filemanager/
  • Buka /filemanager/dialog.php.
  • Upload shell yang sudah kalian rename ( namashell.php<?.html )
  • Klik kanan salah satu file, dan pilih Show URL untuk melihat lokasi ke uploadnya, nah kebetulan target saya lokasi ke uploadnya di /assets/user-img/
  • Akses shellnya di "/assets/user/img/namashell.php" 
  • Extensi file .php<?.html akan otomatis ke rename menjadi .php, jadi kalian langsung buka namashell.php aja.
Oke sekian dari saya.

Mau repost artikel? Sertakan sumber nya ya mas heker hehe.

thx to : Jogjakarta Hacker Link, FilthyRoot
VxSee7

Posted by VxSee7

Orang Mageran

Post a Comment

20 Comments

  1. JamesFebruary 23, 2020 at 11:35 PM

    kek mana bang ubah nya file ngasih symbol <?

    ReplyDelete
  2. AnonymousFebruary 24, 2020 at 11:39 AM

    Gan kok w uda upload terus udah berhasil tuh kann tanda ceklis nah tapi pas w cek ko shell yg w upload gaada ya gan itu bgimana penjelasannya ..

    ReplyDelete
  3. RiedaymeApril 22, 2020 at 7:36 AM

    di windows ga bisa rename file jadi <?

    ReplyDelete
    Replies
    1. VxSee7April 24, 2020 at 4:01 AM

      coba rename pake cmd ( mv file.php file.php<?.html )

      Delete
  4. AnonymousApril 25, 2020 at 8:50 AM

    ga bisa lah di rename kek gitu

    ReplyDelete
  5. AnonymousApril 25, 2020 at 8:51 AM

    coba upload file na gan kalo ada

    ReplyDelete
  6. AnonymousMay 4, 2020 at 4:17 AM

    Ga semua web work ya min?

    ReplyDelete
    Replies
    1. VxSee7May 4, 2020 at 4:41 AM

      iya, untuk rfm versi terbaru dia ga vuln dgn Exploit itu

      Delete
  7. VxSee7June 12, 2020 at 8:00 AM

    Buat yang gabisa rename ke shell.php<?.html di android / windows kalian bisa pake tamper data / burpsuite buat rename ke shell.php<?.html pas uploadnya, nanti ter-uploadnya shell.php :)

    ReplyDelete
  8. Media Nurul MusthofaSeptember 22, 2020 at 7:07 PM

    Punten Slur Anak "INDONESIAN PREDATOR" Mau Lewat:)

    ReplyDelete
  9. widhiOctober 8, 2020 at 4:07 AM

    tutor upload shell pake tamper data versi firefox dund

    ReplyDelete
    Replies
    1. VxSee7October 8, 2020 at 7:37 AM

      next bang, saya buat tutor tamper data pake burpsuite

      Delete
  10. AnonymousDecember 17, 2020 at 12:32 AM

    itu rename nya pas ditamper yah?

    ReplyDelete
  11. UnknownJanuary 13, 2021 at 10:01 AM

    Cara coly gmna(;b
    Serius gua nanya

    ReplyDelete