27.10.15
phucnd
http://www.mediafire.com/?6g1tnx6gd8ik1qv
Tool scan thấy có dính mã độc. Khuyến cáo ae nên sử dụng trên máy ảo
Pass dải nén: vhb
Bước 1: Vào Tab webDav và chọn ASP Shell Maker
![[IMG]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhviZutfRb-izM5-rw3c1oBjqWflYunb8o_MghTn_hUDakHuQR0Z4nbDA00T-FxX_S_5qlLJ7K3IHIs1KMh9zng-vxZURsrtD4_OZ9iYTuaJ88tJxRVpbZDZv-gwgohFC6Ibqy9gIHgvk1y/s1600/1.png)
Bước 2. Chọn Setting và cấu hình
- Name of Yourshell :
Path dẫn tới shell. Ví dụ: /soleil.html.
Đối với các site dính lỗ hổng webdav không chạy được file .php nên ta chỉ có thể up ở dạng html hoặc asp.
Nếu muốn up shell thì ta phải change thành dạng face file ảnh ;.jpg ,ví dụ : soleil.asp;.jpg
Link download shell :
http://www.mediafire.com/?g9xhnqoix8rrstp
Pass dải nén: vhb
- Write your shell here:
Chỗ này coppy (load ) nội dung file shell hoặc file index deface của bạn
- List of Target
Lưu toàn bộ site có khả năng dính lỗi webdav vào file txt sau đó ấn Load from file
![[IMG]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVcLEeAyuZ0IM0xpOC-HhtaGzgUEYZSlxNtluWDBu2vtk7i43JCECVj58t7v64jV6yw66-W-YJYx2QuGUcOkoL3nHtL30908ORWNiG8rFCDRHXAiNjHuxzA2232RzdoGVv9Skw-ANNd-wa/s1600/2.png)
Bước 3: Nhấn Serang!!! Và chương trình tự động thực hiện tấn công
![[IMG]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVU3_WxpyNUnCEY1rP0tCTFt15q5mFddAbHLtwsAlD_OS9w-rW_RjkSLNbM2vn23cEM7CIf_nn1xx97rSoLFMRwD_XZ4_UKRYj789UVYyPtlI98lQfyjZ5KJq82gPrC_iVpDttmjlLhSZ6/s1600/3.png)
- checking : http://zl.zhqc.org.cn
shell created !!
http://zl.zhqc.org.cn/soleil.html
- Còn site nào không dính lỗi, nó sẽ báo
Not vulnerable dav
![[IMG]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhA3qVk7w2FriaLlrytEqRgIeKJ9y8Az32lEFGpZA_3Hj7SaGqjjaiB5nwpWe_kol4JKFFztGJ2au_p2JCVkdKbjuF73SXRVb1TFuTGhGA8dzqMXuRI7E9axrCQ47w_xaOiAc0XRbVWxYTM/s1600/4.png)
![[IMG]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjO3RPHynT-tJsoQLTD-etyouk3ARVEczb8Y0iUQnUgbyB9YmtzSNJSssx0Lhqhbx9Bn_Scu0fy3lahCVLvZbH6Phj-ErtJopus8mOlMrkqiMA2UGIhkAPhew_I7OONFeHtIdKx9KGH49PO/s1600/5.png)
http://www.mila.dk/soleil.html
http://www.kelugp.com/soleil.html
http://thepar-group.net/soleil.html
http://www.kuobao.net.cn/soleil.html
http://lyg.jx.cn/soleil.html
http://www.jzlsxx.gov.cn/soleil.html
http://www.zdchina.com.cn/soleil.html
http://zl.zhqc.org.cn/soleil.html
http://blog.qstxx.com.cn/soleil.html
http://gh.rc.gov.cn/soleil.html
http://www.tedelon.cn/soleil.html
http://www.fses.com.cn/soleil.html
http://www.ecitycn.com/soleil.html
http://www.aysx.cn/soleil.html
http://zhishi.lwjl.com.cn/soleil.html
http://www.ndjsw.gov.cn/soleil.html
http://www.tywl99.cn/soleil.html
http://www.tedelon.cn/soleil.html
http://nj.lookhouse.cn/soleil.html
http://thepar-group.net/soleil.html
http://www.autowuhan.com.cn/soleil.html
http://www.av8software.com/soleil.html
http://www.cstradingcn.com/soleil.html
http://www.deepmeter.com/soleil.html
http://www.csmarketingco.com/soleil.html
http://www.kelugp.com/soleil.html
http://xtjw.bsd108.com/soleil.html
http://lppm.bigc.edu.cn/soleil.html
http://www.escco.com.cn/soleil.html
http://tms.nai.edu.cn/soleil.html
http://www.netsmart.cn/soleil.html
http://cgibin.cgfreight.cn/soleil.html
http://news.cgfreight.cn/soleil.html
http://xxx.cgfreight.cn/soleil.html
http://jsj.jinchuan.gov.cn/soleil.html
http://cdenv-koksijde.be/soleil.html
http://www.wxcams.be/soleil.html
http://www.karcherwestmachines.be/soleil.html
http://www.wxcams.be/soleil.html
http://bouwmeteo.be/soleil.html
http://cdenv-koksijde.be/soleil.html
http://cdenv-koksijde.be/soleil.html
http://kite.infometeo.be/soleil.html
http://nl.meteokust.be/soleil.html
http://nojo.busanilbo.com/soleil.html
http://www.kitemeteo.be/soleil.html
http://www.wxcams.be/soleil.html
http://sciotorugby.com/soleil.html
http://hdchrome.com/soleil.html
http://columbusrugby.com/soleil.html
http://blog.qtmanage.com/soleil.html
http://www.csmarketingco.com/soleil.html
http://www.fondazionefimp.org/soleil.html
http://www.ljmjfj.com/soleil.html
1 số dork có thể tìm site dính lỗi này như:
inurl:.co.id/*.asp
inurl:.ah.cn/*.asp
inurl:.bj.cn/*.asp
inurl:.cq.cn/*.asp
inurl:.fj.cn/*.asp
inurl:.gd.cn/*.asp
inurl:.gs.cn/*.asp
inurl:.gz.cn/*.asp
inurl:.gx.cn/*.asp
inurl:.ha.cn/*.asp
inurl:.hb.cn/*.asp
inurl:.he.cn/*.asp
inurl:.hi.cn/*.asp
inurl:.hl.cn/*.asp
inurl:.hn.cn/*.asp
inurl:.jl.cn/*.asp
inurl:.js.cn/*.asp
inurl:.jx.cn/*.asp
inurl:.ln.cn/*.asp
inurl:.nm.cn/*.asp
inurl:.nx.cn/*.asp
inurl:.qh.cn/*.asp
inurl:.sc.cn/*.asp
inurl:.sd.cn/*.asp
inurl:.sh.cn/*.asp
inurl:.sn.cn/*.asp
inurl:.co.id/*.asp
inurl:.ah.cn/*.asp
inurl:.bj.cn/*.asp
inurl:.cq.cn/*.asp
inurl:.fj.cn/*.asp
inurl:.gd.cn/*.asp
inurl:.gs.cn/*.asp
inurl:.gz.cn/*.asp
inurl:.gx.cn/*.asp
inurl:.ha.cn/*.asp
inurl:.hb.cn/*.asp
inurl:.he.cn/*.asp
inurl:.hi.cn/*.asp
inurl:.hl.cn/*.asp
inurl:.hn.cn/*.asp
inurl:.jl.cn/*.asp
inurl:.js.cn/*.asp
inurl:.jx.cn/*.asp
inurl:.ln.cn/*.asp
inurl:.nm.cn/*.asp
inurl:.nx.cn/*.asp
inurl:.qh.cn/*.asp
inurl:.sc.cn/*.asp
inurl:.sd.cn/*.asp
inurl:.sh.cn/*.asp
inurl:.sn.cn/*.asp
inurl:.sx.cn/*.asp
inurl:.tj.cn/*.asp
inurl:.tw.cn/*.asp
inurl:.xj.cn/*.asp
inurl:.xz.cn/*.asp
inurl:.yn.cn/*.asp
inurl:.zj.cn/*.asp
inurl:.ac.cn/*.asp
inurl:.com.cn/*.asp
inurl:.edu.cn/*.asp
inurl:.gov.cn/*.asp
inurl:.net.cn/*.asp
inurl:.org.cn/*.asp
inurl:.sx.cn/*.asp
inurl:.tj.cn/*.asp
inurl:.tw.cn/*.asp
inurl:.xj.cn/*.asp
inurl:.xz.cn/*.asp
inurl:.yn.cn/*.asp
inurl:.zj.cn/*.asp
inurl:.ac.cn/*.asp
inurl:.com.cn/*.asp
inurl:.edu.cn/*.asp
inurl:.gov.cn/*.asp
inurl:.net.cn/*.asp
inurl:.org.cn/*.asp
╔══╗
╚╗╔╝
╔╝ (¯`v´¯)
╚══`.¸.VL48 -
Phúc Nguyễn
