Minggu, 19 Februari 2017
Deface Website CMS Balitbang [With Exploiter]
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmyKhwThyvQGLs_eqo17MwzqdwAFcFsNNSjxKY6yVL7boxuyAorsXnjeF5BKDHmyeazcP04gigpQ6HPuNRWcWN_Jnmeok4jOV1fmnEPqvpz8eoYnP0TxW4xWCff5HcL-I-eQ4-pivY7fTV/s1600/C4ZLYoxVUAA2quU.jpg "Garuda Security Hacker")
_Tuan2Fay_ ~ Sebelum kita mulai tutorial ini,, ane pengen ngucapin terimakasih banyak buat partner Garuda Security Hacker yaitu teman-teman dari TKJ Cyber Art karena ini exploit ane tau dari TKJ Cyber Art.. terus ane mau ngucapin mohon maaf buat member TKJ Cyber Art terutama BabaNue :v karena ane kaga maen Mobile Legends dulu eaa.. ntaran dah kalo ML ada event bagi2 dm gratis ane maen lagi :v :v.. ok lanjut ke tutorial..
PESAN _Tuan2Fay_ : Karena exploit ini mencakup website sekolah jadi saya mohon dengan amat sangat,, jangan menebas file apapun !! jka ingin home deface cukup upload index.html
Bahan-Bahan :
1. Shell Backdoor yang udh di ubh formatnya, bukan php lagi, tapi .phtml atau .php52. Exploiternya,, udah ane tanem nih (Crot Disini)
3. Dork : inurl:/siswa.php intext:Tim Balitbang site:.id
Step by Step :
1. Dorking dlu dah di gugell..2. Cari targetnya yang mane aje serah lu pade tong.. asal jgn bini orang aje
3. Buka Exploiternya, lalu masukan site targetnya. Username ama Pass nya serah mau diganti apa kaga, defaultnya fayid 123456
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvOcvuzfcN6PacMUY_33XNX6svOn_OiUviwlPyb3b9y2KLWg6k7IEnSrf38-OU2vnGJU3474eY2qDtfkXtK3nhoqalfpAb8nFcfst2qzJF4QqaxUmnrtxu8G2H08R1nLxI5V3fbncTm9L9/s1600/Screenshot+%25284%2529.png "Deface Website CMS Balitbang [With Exploiter]")
4. Setelah klik next, ntaran akal muncul captcha yang harus lu isi dengan bner
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6yvZh0nyx4G0-4yE4De8J-S7vTxBHrgZsc5eqt3pIHU1UNVMto9hSwaAnxB4KJcW6HqEWJuJixVjo6PsmfzASIYJgIWc6TgopcDd4r1VEJqvWuag7Rh6PpFbDRpJLInhmAS0-TR8-uzoS/s1600/Screenshot+%25286%2529.png "Deface Website CMS Balitbang [With Exploiter]")
5. Kalo udeh tinggal klik go aje,, ntar muncul beginian ↓
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQ3LtpjgpwGvdrofQXiavlic0C_HaDJ6pu2zOA140p3PhFgLDM0lKVtINODcTXht1pT45df3rIKCkFHpcfDAXfVB0XpaBa1bW1vPykzpquqVM3Z-UMVnmXTAkWk3EHs6pEmA8OaYMK2xDE/s1600/Screenshot+%25287%2529.png "Deface Website CMS Balitbang [With Exploiter]")
6. Kalo udeh muncul noh yang gambar sebelah captcha (lupa di tandain) klik dah tuh yg di kotak merah ⇑
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJUhnVj9xe-jDy2oCF58iyaxZr-UKcDimzQ4wr91KeVEO-6Nx3C0cWGGgcBDJNSv-AwqRxJjhBVMHpyLQMuS-BSGWWhDcD3DlwszJ4IK25mqbsY14nrT626bzGQrOWWIqJmbc_RcZ9L-Sv/s1600/Screenshot+%25288%2529.png "Deface Website CMS Balitbang [With Exploiter]")
7. Kalo udeh muncul begituan (kotak merah pertama) itu dah pasti vuln (tapi kaga tau juga :v),, nah klik "Lewat sini" ↑↑↑↑↑
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSMqe3Sb9ycXAVkuuVjr4YwMF2GTyMR5ZuvucQOMp03fNjSNoOv48JGhJ1omvVfsfjOjkOMpaMYKWdWuqkRg3g4VZ1Xstecm78JhzO-zOjbU2Ol7b-MdFN8GaBiobty3O5QT89OVDBX-GI/s1600/Screenshot+%25289%2529.png "Deface Website CMS Balitbang [With Exploiter]")
8. Ikutin gambar aje yehh, ↑↑ dah pegel ngetik dari tadi... untung kuota gratis :v
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDlfYK6M5ejv-Ib4uNKQwY9Z8u3bVGpZUmbLb13-wc5tTXj0GYvNHKPpVIaVS3T1jHxL7lr_AzqBbqlR0L51b5nZgbyGPqz-D3Rm5WDzgjwyZV327V0aH91BXQVtuPaSwLdRy2yTnW9GMz/s1600/Screenshot+%252810%2529.png "Deface Website CMS Balitbang [With Exploiter]")
9. Noh kan udah muncul tulisan "yes,, ahhh ahhh, oh yess,,," ↑↑↑
Lu pencet "Telusuri" buat upload shell lu,, inget yg udh di ganti formatnya jadi .php5 / .phtml
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3GiP1UO0GQBIaye8Zkm1ls5n-bhbPxvS4KXKcG5Hcu7v8EtdKZ3PCGSEjy3Xep4cMv90bUiXsVSGwlDfxrhC68I1Nn6HAVfjFhwyGYGCvNnqXPAe1wGnVJvZI13deCc7IayNWHq5zrzv2/s1600/Screenshot+%252811%2529.png "Deface Website CMS Balitbang [With Exploiter]")
10. Ngapain lagi ?? tinggal klik simpan aje dah ahh..
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFUR95WIQCzjcrUbj23-BjJQO3RxhNXe5DxtPjyjZVKDzyQfZQXVyxGS6GOP8aXS_2rL01GuXlh4I_CXDBgWPHU8JXneYzA4q5oWvJsb6Q_SYMLUOb5LcYQy66NCc-LJFFy65RD_gIa2EM/s1600/Screenshot+%252812%2529.png "Deface Website CMS Balitbang [With Exploiter]")
11. Gambar yang ane kotakin itu kaga tau penanda vuln atau bukan,, tp buat ngecek nya langsung akses aja,, nohh liat gambar udeh gw tandain..
12. Kalo "Not Found" atau apalah itu silahkan cari target lagi yoo :v
![Deface Website CMS Balitbang [With Exploiter]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmaAtgidK1Nhi-BOBZdvpDyDaxXYxPEhYFvrIhyXX82w8hcYVOJ2CBbQTwTd8WlxJrNCEkbYFCX7Gz4b6B3cnpWRN833k5nw6t6sBrZFQeFqeULNrALadXwdfgZLMYtz1POQkwhCJZp1iR/s1600/Screenshot+%252814%2529.png "_Tuan2Fay_")
PESAN _Tuan2Fay_ : Karena exploit ini mencakup website sekolah jadi saya mohon dengan amat sangat,, jangan menebas file apapun !! jka ingin home deface cukup upload index.html
Greetz to : _Tuan2Fay_ | Yukinoshita 47 | Snooze | OutrageousEngkus | TM_404 | E7B_404 | LuckNut |XM404RS! | ShadowHearts CyberGhost.17 | Lyonc | EvilClown | Sector V2 Mr.Spongebob | D34D_SL33P | Mr.Luciferz | MR.Blank007 Mr.Buggers | DarkTerrorizt | Mafia Boy | Fazlast | Mr.Secretz Mr.N()tfound | Mr.HzA404EsL | P34CEB0Y Mr_Viruzer#29 4LV1N_404 | Mr.Okoy48 | Loyo-ID | And All Member of Garuda Security Hacker
