News Ticker

Deface Wordpress Themes ThisWay

By Berandal - Sunday, February 12, 2017 5 Comments
Hallo fanss :* Berandal disini :)
Kali ini gw mau share Tutorial Deface Wordpress Themes ThisWay . Sebenernya ini Bug lama, tapi gada salahnya share :v Sapa tau masih Crotz :P


Bahan:
1. Xampp (DOWNLOAD)
2. Exploter (PHP) - [SEDOT]
2. CSRF (Buat yg males pake xampp :v) [SEDOT]
3. Shell atau Script Deface (Kalo belom punya, bisa ambil disini.)


Langkah:
1. Dorking di google.

2. Pilih salah satu site.

3. Masukin exploitnya.

4. Vuln:
{"status":"NOK", "ERR":"This file is incorect"}

5. Masukin ke CSRF

6. Kalo sukses bakal kluar nama file lu :)

7. Akses file?
site.co.li/wp-content/uploads/2017/02/namafile
contoh:
http://larryfarfan.com/wp-content/uploads/2017/02/settingsimage_h5aQ4ZfXcBYM6gSM.txt

Masih kurang jelas?
Simak video gw dibawah :)



Okee, cukup buat tutorial kali ini, Semoga Bermanfaat :)
.
Regards,
Berandal, [OWL SQUAD]


POPULAR ARTICLES :


5 comments to ''Deface Wordpress Themes ThisWay"

ADD COMMENT
  1. Mantap :V

    ReplyDelete
  2. bang kok cmd nya muncul bgini ya?
    C:\xampp\php>php php.php
    {"status":"NOK", "ERR":"This file is incorect"}

    ReplyDelete
  3. Bang cuma bisa upload txt?

    ReplyDelete