Haii fans :P
Kali ini gw mau share Tutorial Deface Wordpress Theme Theagency. :)
Bahan:
1. Dork.
inurl:/wp-content/themes/theagency2. Exploit.
/wp-content/themes/theagency/includes/uploadify/uploadify.php
3. CSRF.
Ambil disini.
Langkah - Langkah:
1. Dorking ke google.
2. Pilih salah satu site.
3. Masukin exploitnya.
4. Vuln = Blank.
5. Masukin site ke CSRF.
6. Pilih file/shell/ yg mau lu upload.
7. Kalo file sukses ke upload, bakal muncul angka '1'.
Akses file?
/wp-content/themes/theagency/includes/uploadify/uploads/namafilecontoh:
http://google.com/wp-content/themes/theagency/includes/uploadify/uploads/namafile
Kalo masih kurang jelas, simak video tutorial gw :
Okee, sekian tutorial gw kali ini, semoga bermanfaat :)
Regards,
إرسال تعليق
Komentar Spam Akan kami Hapus