• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

June 5, 2015 by Jack Wilder 1 Comment

Yuppp.. lama ya tidak share exploit deface. Kali ini saya mau share tutorial deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability . Exploit nya sudah lama sih sebenarnya, namun gak tau kenapa sekarang “bersemi kembali” . Oke gak usah lama lama , langsung saja .
Bahan :
HTML Exploit : download

Google Dorks :

  • inurl:”/wp-content/themes/qualifire”

Use your brain, bitch !
Vuln : /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php

Simpan exploit di atas dengan format .html. Jangan lupa ganti url nya dengan url target.
Setelah itu buka file exploit nya di browser.

Shell kalian akan berada di localhost/shell.php
Karena langsung berada di public_html, jika kalian hanya ingin deface, bisa langsung upload script.

Sekian tutor Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability kali ini, happy exploiting.

Shares

Filed Under: WordPress Exploit Tagged With: Deface, Exploit, Wordpress

Reader Interactions

Comments

  1. Azalee D Hinkle says

    December 1, 2019 at 7:31 am

    Not found gan pas dah selesai upload di html explo

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Deteksi Celah No Redirect pada Suatu Situs menggunakan cURL

Laravel PHPUnit Remote Code Execution

Upload Backdoor Lewat MySQL Database (phpMyAdmin)

Cara Deface dengan Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

Tutorial Deface – Menutup Halaman Depan Situs Target dengan JS Overlay

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

WordPress Plugin CopySafe PDF Protection Shell Upload

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

MyBB 1.8.x SQL Injection Auto Exploit

LinuxSec / 71 queries in 0.11 seconds