Based on the target defacer beginners, the school web is a target that has a low level of difficulty other than the government web. The reason is because it often appears in google dork search results to query vuln sites.
Well, in this tutorial I will share how to deface the school web using 2 different methods, namely jso and slash index.
To understand what jso and slash index are, you can click the link below:
https://omcyber.com/cara-deface-website/
As for the deface tutorial, follow the steps below.
How to deface the sch.id school website
It is called the school website because the domain name or link ends in .sch.id, for example sman1bandung.sch.id.
Not all school websites can be defaced, but only websites that have loopholes. To find the gap you can use the help of the termux application.
Read also: how to search web vuln in termux.
Before doing a deface, first create a deface script to display a message or your underground/hacker name. For example, hack by omcyber, etc.
You can download the deface script on google or make it here.
For those who already have the deface script, now just choose the deface method below.
1. Deface school web jso
In essence, you have to upload a jso script to the school’s website with a vuln status. How to upload can be from the registration page or the like.
To find the registration page, you can use the following google dork query:
intext:”graduation information system” site:sch.id
Then select a website that appears in Google search results.
After logging into the selected site, search for menu contact us. Then upload your Jso script, if you don’t have it, create it first by following the tutorial below.
a. How to make a jso script
To create a jso script, you can use the jso generator tool. The link is below.
https://apaa.or.id/jso.php
Here’s how to use it:
- At the initial screen of the jso generator site, enter all the html code from your deface script.
- Then copy all the numbers that appear in the results section.
- Add code document.documentElement.innerHTML=String.fromCharCode(jso numeric code).
- Paste all the code on the pastebin.com site then select create new paste.
- Press the raw menu to copy the ready-made jso script link.
The jso script is a defaced script that is modified to penetrate website vulnerabilities. After successfully making it, proceed to the upload process.
b. How to upload a jso script to the target website
In the filling column, just fill in the original data. But in the message field, enter your jso script by adding the following code:
)
Example:
<)
Then press send.
If the delivery process is successful, it means that the school website has been successfully defaced.
To find out the results, access the site address plus admin/contact.php. Example: sman1bandung.sch.id/admin/ contact.php
2. Deface the index slash school website
To use the slash index, it’s still the same as using google dork, it’s just different in the query used. In addition, with slash index, you can upload images as the deface script.
Dorks used to slash school web index are:
- inurl://html/student.php?
- inurl://html/alumni.php?
- inurl://html/guru.php?
Please, just do dorming until you find a vuln school website.
Or you can use my live target site below:
https://www.sditlhbandung.sch.id/
After finding the target site, follow these school web index slash steps:
- Addition /editor/filemanager/connectors/test.html behind the website address.
- Change the *ASP connector plug to *PHP.
- Upload the deface script file in the file upload field.
If the file is uploaded successfully, then the defacement process of the index slashing school web is successful.
To see the results, access the site address added /userfiles/file/scriptname. Example: https://www.sditlhbandung.sch.id/userfiles/file/omcyber.html.
If you want to upload an image deface script file, then in the resource type file box, change it to image.
Well, that’s the tutorial on how to deface the sch.id school web using jso and slash index. For those who are still having trouble, tell me from the comments column.
