halo sahabat kerens, kali ini gua kan share Deface Menggunakan Wordpress Themify Arbitrary File Upload Vulnerability, langsung saja :)
Dork :
inurl:"/wp-content/themes/Elemin/"
inurl:"/wp-content/themes/Bloggie/"
inurl:"/wp-content/themes/Tisa/"
inurl:"/wp-content/themes/Funki/"
inurl:"/wp-content/themes/Pinboard/"
inurl:"/wp-content/themes/FOlo/"
inurl:"/wp-content/themes/grido/"
inurl:"/wp-content/themes/Suco/"
inurl:"/wp-content/themes/iThemes2/"
Exploit:
www.site.domin/wp-content/themes/select a theme/themify/themify-ajax.php
Scirpt CSRF :
http://pastebin.com/mVr5vN3j
Shell Akses:
http://yourtarget.com/wp-content/themes/select a theme/uploads/shellname.php
Semoga Bermanfaat
0 Komentar