• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

June 5, 2015 by Jack Wilder 1 Comment

Yuppp.. lama ya tidak share exploit deface. Kali ini saya mau share tutorial deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability . Exploit nya sudah lama sih sebenarnya, namun gak tau kenapa sekarang “bersemi kembali” . Oke gak usah lama lama , langsung saja .
Bahan :
HTML Exploit : download

Google Dorks :

  • inurl:”/wp-content/themes/qualifire”

Use your brain, bitch !
Vuln : /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php

Simpan exploit di atas dengan format .html. Jangan lupa ganti url nya dengan url target.
Setelah itu buka file exploit nya di browser.

Shell kalian akan berada di localhost/shell.php
Karena langsung berada di public_html, jika kalian hanya ingin deface, bisa langsung upload script.

Sekian tutor Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability kali ini, happy exploiting.

Shares

Filed Under: WordPress Exploit Tagged With: Deface, Exploit, Wordpress

Reader Interactions

Comments

  1. Azalee D Hinkle says

    December 1, 2019 at 7:31 am

    Not found gan pas dah selesai upload di html explo

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Deteksi Celah No Redirect pada Suatu Situs menggunakan cURL

Open Redirect Bypass Cheat Sheet

WordPress Fraction Theme Version 1.1.1 Suffers from a Privilege Escalation Vulnerability

Exploit WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

Tumblr Custom Domain or Subdomain Takeover

DNS Hijacking through Social Engineering

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

Deface WordPress dengan Exploit WordPress TheLoft Theme Arbitrary File Download Vulnerability

Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability

Reverse Shell From Local File Inclusion Exploit

Powered by WordPress and Genesis Framework. Style by LinuxSec.