• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

June 5, 2015 by Jack Wilder 1 Comment

Yuppp.. lama ya tidak share exploit deface. Kali ini saya mau share tutorial deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability . Exploit nya sudah lama sih sebenarnya, namun gak tau kenapa sekarang “bersemi kembali” . Oke gak usah lama lama , langsung saja .
Bahan :
HTML Exploit : download

Google Dorks :

  • inurl:”/wp-content/themes/qualifire”

Use your brain, bitch !
Vuln : /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php

Simpan exploit di atas dengan format .html. Jangan lupa ganti url nya dengan url target.
Setelah itu buka file exploit nya di browser.

Shell kalian akan berada di localhost/shell.php
Karena langsung berada di public_html, jika kalian hanya ingin deface, bisa langsung upload script.

Sekian tutor Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability kali ini, happy exploiting.

Filed Under: WordPress Exploit Tagged With: Deface, Exploit, Wordpress

Reader Interactions

Comments

  1. Azalee D Hinkle says

    December 1, 2019 at 7:31 am

    Not found gan pas dah selesai upload di html explo

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

WordPress 4.7.0/4.7.1 Content Injection Exploit

Deface dengan Metode Timthumb Remote Code Execution

DNS Hijacking through Social Engineering

FastMail Custom Domain or Subdomain Takeover

Bruteforce FTP Login dengan Metasploit Module FTP Authentication Scanner

Laravel PHPUnit Remote Code Execution

Shopify Custom Domain or Subdomain Takeover

MIME Type Sniffing pada Form Upload Gambar

Reverse Shell From Local File Inclusion Exploit

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

LinuxSec / 11 queries in 0.09 seconds