Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Solved] Bagaimana Menerapkan X-Forwarded.. Di TCP delphi
#16
joss,,, om,, ane make langsung main di pilot aja,, hasilnya mantap..


[Image: 10259775_684209061615308_902496925663929615_n.jpg]
0n3phr34k, proud to be a member of ForNesia Family since May 2014.
#17
punya saya ini yg salah apa yo klo menerapkan X-Forward kok kgk jalan :'(

procedure TForm1.IdMappedPortTCP1Execute(AThread: TIdMappedPortThread);
var payload : string;
begin
upload:= upload+Length(AThread.NetData);
if Pos('CONNECT',AThread.NetData)<>0 then begin
payload:= AThread.NetData+'GET http:///BUG/ HTTP/1.1' +#13#10;
AThread.NetData := AddHeader(AThread.NetData,'User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:20.0) Gecko/20100101 Firefox/20.0'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'Proxy-Connection: Keep-alive'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'Connection: Keep-Alive'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-IP: 10.19.19.19'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Originating-IP: 127.0.0.1'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-Addr: 202.93.36.12'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-IP: * or #0 or #10');
Athread.NetData := AddHeader(Athread.NetData,'Accept: */*'#13#10);
AThread.NetData := payload+AThread.NetData;
end;
end;
Kizuma Wa, proud to be a member of ForNesia Family since Mar 2014.
#18
(05-29-2014, 02:29 PM)Kizuma Wa Wrote: punya saya ini yg salah apa yo klo menerapkan X-Forward kok kgk jalan :'(

procedure TForm1.IdMappedPortTCP1Execute(AThread: TIdMappedPortThread);
var payload : string;
begin
upload:= upload+Length(AThread.NetData);
if Pos('CONNECT',AThread.NetData)<>0 then begin
payload:= AThread.NetData+'GET http:///BUG/ HTTP/1.1' +#13#10;
AThread.NetData := AddHeader(AThread.NetData,'User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:20.0) Gecko/20100101 Firefox/20.0'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'Proxy-Connection: Keep-alive'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'Connection: Keep-Alive'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-IP: 10.19.19.19'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Originating-IP: 127.0.0.1'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-Addr: 202.93.36.12'#13#10);
AThread.NetData := AddHeader(AThread.NetData,'X-Remote-IP: * or #0 or #10');
Athread.NetData := AddHeader(Athread.NetData,'Accept: */*'#13#10);
AThread.NetData := payload+AThread.NetData;
end;
end;

coba gabungin ke payload aja deh x-forward nya,,
0n3phr34k, proud to be a member of ForNesia Family since May 2014.
#19
punya saya ini salahnya dimna ya ?
WSAEBOARTED :huh:
Show ContentSpoiler:
Kizuma Wa, proud to be a member of ForNesia Family since Mar 2014.
#20
(05-29-2014, 02:44 PM)Kizuma Wa Wrote: punya saya ini salahnya dimna ya ?
WSAEBOARTED :huh:
Show ContentSpoiler:

coba gunakan tambahan mainkan di payload aja deh langsung

tambahkan ini di payload pada setiap sebelum forward nya

Show ContentSpoiler:
0n3phr34k, proud to be a member of ForNesia Family since May 2014.
#21
ngikut belajar gan, ane msh nubie muahaha:

"Kebahagiaan abadi takkan pernah singgah sebelum engkau mengetahui apa ARTI HIDUP yang sesungguhnya."

LEMME IN SILENCE FOR A WHILE

#22
Jadi inti dari Command Injection adalah kita mengirimkan text seperti ini ke server

GET http://BUG.com HTTP/1.1
Host: Bug.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1) Gecko/20061010 FireFox/2.0
Accept: */*
Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

Terus disini buat konek SSH

CMIIW kucing:

"Kebahagiaan abadi takkan pernah singgah sebelum engkau mengetahui apa ARTI HIDUP yang sesungguhnya."

LEMME IN SILENCE FOR A WHILE

#23
NUwbie gan,,,pengen belajar...tp masih bingung gmn cara nempatin yg kalian tulis.
kalo ada yg baik hati buat nyumbangin tutor plus SC delphi yg udh work di thread delphi.
buat pmbelajaran.
zafra, proud to be a member of ForNesia Family since Mar 2014.
#24
nyimak ah ane jg pake IDN N-P ..
#25
gan emang fungsinya buat apa sih ane masih gk ngeti :( ?????
ANE NUBI KK MOHON BIMBINGANNYA
#26
mantap nich ilmu baru lagi...........??
izin kembangin gan ketawaaa
saling percaya, proud to be a member of ForNesia Family since Feb 2014.
#27
Ijin nyimak aja dulu, baru di praktekin
#28
mau tanya gan. cara nerjemahin angka2 pilot tu gmn sih sbnrnya?tiap angka ada mksudnya sndiri ga?
fandazky, proud to be a member of ForNesia Family since Mar 2014.
#29
ini punya ane, masih enak sampe skrg, gak perlu terlalu panjang
metod url http/1.1 crlf accept: */*
hunt2face, proud to be a member of ForNesia Family since Jun 2014.
#30
(06-03-2014, 04:34 AM)hunt2face Wrote: ini punya ane, masih enak sampe skrg, gak perlu terlalu panjang
metod url http/1.1 crlf accept: */*

crlf maksudnya yg #13#10?

"Kebahagiaan abadi takkan pernah singgah sebelum engkau mengetahui apa ARTI HIDUP yang sesungguhnya."

LEMME IN SILENCE FOR A WHILE

  


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Ask] Bagaimana cara mengatasi flashdisk yang tidak bisa diformat Kesz24 25 3,966 11-06-2015, 12:09 PM
Last Post: Kesz24
  [Ask] Bagaimana cara bypass survey??? Afnan 34 5,936 10-23-2015, 07:21 PM
Last Post: otoq