Home > > [POC] Deface website menggunakan rootkit milik hmei7 (webdav)

[POC] Deface website menggunakan rootkit milik hmei7 (webdav)

Bagikan ke Teman! :


Perkenalkan ane newbie disini mau berbagi trik, semoga ga repost.
Langsung saja ga usah banyak basa - basi.

Download dulu toolsnya disini: http://www.mediafire.com/download.php?ajyvbf00xq07xck

Step - stepnya: MATIKAN ANTIVIRUSNYA DULU!!

1. Ekstrak dulu "rootkit.exe" nya ke Desktop nod) (Anjuran ane biggrin)
2. Buka "rootkit.exe", pilih tab "WebDav" >>> "asp shell maker"
http://i.imgur.com/F3RIK.jpg
3. Kemudian klik "Setting", nah di bagian kotak "name of Your shell" itu adalah nama hasil deface-an anda. Misal saya namakan /iARS14.html. Nah terus di "write your shell here" itu adalah script html deface-an anda, cara memasukkannya dengan cara mem-pastekan script html deface-an anda ke dalam kotak, atau dengan cara "Load shell from file" yang memasukkan script html melalui file di komputer anda.
http://i.imgur.com/ner5t.jpg
4. Setelah selesai klik "Hide me"
5. Kemudian klik "add site" untuk memasukkan site target yang akan anda deface. Misal site target saya adalah http://www.sysuccrt.com/. Dan kemudian klik OK deh.
http://i.imgur.com/beIFn.jpg
6. Setelah semuanya selesai, klik "Serang!!!"
7. Tunggu beberapa saat, dan jika berhasil ada notif shell created beserta link hasil deface-an anda. Jika tidak berhasil ada notif not vurlerable dav yang berarti sitenya tidak vulnerable dav.

Demo: http://www.sysuccrt.com/alldy.html

Dork:
Spoiler :   
inurl:.ah.cn/*.asp

inurl:.bj.cn/*.asp

inurl:.cq.cn/*.asp

inurl:.fj.cn/*.asp

inurl:.gd.cn/*.asp

inurl:.gs.cn/*.asp

inurl:.gz.cn/*.asp

inurl:.gx.cn/*.asp

inurl:.ha.cn/*.asp

inurl:.hb.cn/*.asp

inurl:.he.cn/*.asp

inurl:.hi.cn/*.asp

inurl:.hl.cn/*.asp

inurl:.hn.cn/*.asp

inurl:.jl.cn/*.asp

inurl:.js.cn/*.asp

inurl:.jx.cn/*.asp

inurl:.ln.cn/*.asp

inurl:.nm.cn/*.asp

inurl:.nx.cn/*.asp

inurl:.qh.cn/*.asp

inurl:.sc.cn/*.asp

inurl:.sd.cn/*.asp

inurl:.sh.cn/*.asp

inurl:.sn.cn/*.asp

inurl:.sx.cn/*.asp

inurl:.tj.cn/*.asp

inurl:.tw.cn/*.asp

inurl:.xj.cn/*.asp

inurl:.xz.cn/*.asp

inurl:.yn.cn/*.asp

inurl:.zj.cn/*.asp

inurl:.ac.cn/*.asp

inurl:.com.cn/*.asp

inurl:.edu.cn/*.asp

inurl:.gov.cn/*.asp

inurl:.net.cn/*.asp

inurl:.org.cn/*.asp
 
Sedikit site vulnerable dav:
Spoiler :     
http://admats.concerts.com/

http://my.smser.eu/

http://www.lawrenceting.com/

http://dike.dpt.go.th/

http://www.elcsfj.gov.cn/

http://documents.co.st-lucie.fl.us/

http://www.ybsds.gov.cn/

http://rsj.xxz.gov.cn/

http://www.xzll.gov.cn/

http://www.xmfg.gov.cn/

http://zzx.wlcbsgs.gov.cn/

http://www.librogondwana.com.ar/

http://www.ingacarrasco.com.ar/

http://www.salsadella.com.ar/

http://www.bgmgroup.cn/

http://ssc.rrp.kr/

http://www.bonweshop.cn/

http://www.entreculturas.pt/

http://www.51lvyo.cn/

http://www.tishineng.cn/

http://lib.zcu.edu.cn/

http://www.r-fashion.com/

http://www.shbhgy.com/

http://xcb.nenu.edu.cn/

http://www.xiajiashan.com/

http://www.aiboshop.com/

http://www.vernicefrescateatro.it/

http://www.scuolamediaserino.it/

http://www.maxvision.it/

http://www.associazionebildung.it/

http://muzquizcoahuila.com/

http://furama-villas.com/

http://jozbdn.com/

http://www.hdwebtv.it/

http://www.denuncio.cl/

http://www.turismoyarte.com/

http://www.innovatech-chile.cl/

http://www.vintagefaucet.net/

http://www.maxtek-go-go.com/

http://www.blusign.it/

http://www.indal2000.it/

http://ced.kmutnb.ac.th/

http://www.seatinterni.it/

http://www.fmfogazzifratelli.it/

http://www.k-mex.com

http://sverigesridlager.org/

http://svenskahastsportguiden.se/

http://singelguiden.se/

http://ridsportruntsverige.se/

http://modeguide.se/

http://ridleder.se/

http://kattguiden.com/

http://kattannons.se/

http://jackrusselterrier.se/

http://hundannons.se/

http://horseandcountry.eu/

http://hastsemester.se/

http://hastochryttare.se/

http://ridsemester.com/

http://www.telecomyork.com/

http://www.webcampustecnonexo.com/

http://www.zblx.org/

http://www.candledevelopment.com/

http://www.kozi.com.tw/

http://www.cart.com.hk/

http://vendors.csgroupny.com/

http://www.4lunch.com.au/

http://www.druckpunkt.at/

http://www.tsjx.org.cn/

http://counselorlogin.com/

http://www.icandyvisuals.com/

http://dev1.ipsd.org/

http://57157111.com/

http://www.jn14z.jinedu.cn/

http://www.lsysx.jinedu.cn/

http://www.sdcydh.com/

http://www.sddaping.com/

http://www.fengyi668.com/

http://www.ssfjy.com/

http://www.dianfuxj.com/

http://zkhb.homesoft.com.cn/

http://lidu.homesoft.com.cn/

http://www.hhswbg.com/

http://www.xajpg.cn/

http://www.f580.cn/

http://www.cooptionscorp.com/

http://pla.hbu.cn/

http://5151lvyou.com/

http://www.tent-pro.tw/

http://www.mazda-gh.tw/

http://www.wiltrom.com.tw/

http://www.dialect.tw/

http://www.koul.com.tw/

http://www.digguitar.com/

http://hx0579.com/

http://teyoumei.com/

http://5152255.com/

http://km.gmtx.com/

http://tyc.ykjt.cn/

http://caiwu.hkjulong.com/

http://sportgame.shenzhenfdi.cn/

http://www.szfdi.cn/

http://www.6131.com.cn/

http://587588.com/

http://game.lsale.com.cn/

http://www.qzmpjj.com/

http://www.cnmsc.com.cn/

http://www.3000vip.net/

http://www.itonglu.com/

http://www.qaous.com/

http://www.591pqk.com/

http://www.vischoice.com/

http://heilamarine.com/

http://bjlin.redian163.cn/

http://www.viaggiarenet.com/

http://www.opasitalia.it/

http://www.jzzyzz.com/

http://limooffice.com/

http://www.houstonchgk.com/

http://www.cesd.cn/

http://www.socpol.net/

http://diandi.info/

http://www.unicenvirtual.net/

http://webpares.escola-horitzo.com/

http://www.bonifaccino.it/

http://www.dizhigongyuan.com/

http://www.alliancestone.com.br/

http://www.ipicdailyheadlines.co.za/

http://dartintl.com/

http://www.zgcqcm.com/

http://csryls.com/

http://athlic.rrp.kr/

http://login.7585.co.kr/

http://www.warrenbuffett.co.za/

http://www.naeaa-uah.org/

http://www.hastsportguiden.se/

http://www.designmonic.se/

http://web122.8248.net/

http://813.8248.net/

http://0754fdc.net/

http://88808080.com/

http://823.8248.net/

http://www.bj-lzxbenz.com/

http://www.fulaigongwq.com/

http://lyjw0419.cn/

http://sxshuntai.com/

http://mallrs.com/

http://xzxdnzhs.com/

http://xiaotaiyang.co/

http://musicmusicca.com/

http://rockphone.net/

http://cnxfz.com/

http://wsddsdq.com/

http://gzhx1688.com/

http://qdsysj.com/

http://admats.concerts.com/

http://my.smser.eu/

http://www.lawrenceting.com/

http://dike.dpt.go.th/

http://www.elcsfj.gov.cn/

http://documents.co.st-lucie.fl.us/

http://www.ybsds.gov.cn/

http://rsj.xxz.gov.cn/

http://www.xzll.gov.cn/

http://www.xmfg.gov.cn/

http://zzx.wlcbsgs.gov.cn/

http://www.librogondwana.com.ar/

http://www.ingacarrasco.com.ar/

http://www.salsadella.com.ar/

http://www.bgmgroup.cn/

http://ssc.rrp.kr/

http://www.bonweshop.cn/

http://www.entreculturas.pt/

http://www.51lvyo.cn/

http://www.tishineng.cn/

http://lib.zcu.edu.cn/

http://www.r-fashion.com/

http://www.shbhgy.com/

http://xcb.nenu.edu.cn/

http://www.xiajiashan.com/

http://www.aiboshop.com/

http://www.vernicefrescateatro.it/

http://www.scuolamediaserino.it/

http://www.maxvision.it/ 
1 lagi, di Indeves juga banyak user yang submit deface-an pakai webdav, jadi anda bisa coba site - site yang di submit para user indeves

Sekian, tutor cupu dari ane nod

Dapatkan selalu update dari blog ini! Dengan memasukkan email anda dibawah, lalu nikmati update blog ini langsung ke email anda.


0 komentar — Skip ke Kotak Komentar

Posting Komentar — or Kembali ke Postingan