Mau share aja exploit yang ditemukan oleh teman saya dari Indonesian Cyber Army, Mr.Xenophobic. Nama nya Exploit WordPress Plugins WPShop File Upload Vulnerability. Fuck 1337day.com for reject this exploit =))
Exploiter :
Exploit WordPress Plugins WPShop File Upload Vulnerability – Click Here
Google Dork :
inurl:?wpshop_product_category=
Use your brain, bitch !
Exploiter :
Exploit WordPress Plugins WPShop File Upload Vulnerability – Click Here
Google Dork :
inurl:?wpshop_product_category=
Use your brain, bitch !
Vuln Victim :
/wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload
/wp-content/plugins/wpshop/includes/ajax.php?elementCode=ajaxUpload
Simpan script Python diatas dalam bentuk python.
Ganti url target dengan target vuln.
Jika vuln annti output nya seperti ini :
Exploited ! |
Setelah itu buka url target :
http://localhost/wp-content/uploads/out.php
Selanjutnya buka lagi shell kalian akan berada di :
http://localhost/wp-content/uploads/njepat.php
Sekian tutor kali ini semoga bermanfaat.
0 Response to "Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability"
Post a Comment