Oke, kali ini saya mau share exploit yang baru ditemukan kemarin yaitu Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability. caranya cukup mudah kok. Langsung saja ikuti tutorialnya :
Bahan-bahan :
HTML Exploiter Download Disini | save dengan format .html
Vulnerability :
[localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php
Dork :
use your brain bitch :p
Shell Location :
[localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/[randomname].php
Langkah-langkah :
Oke, langsung saja nyelem ke google nyari target vuln. :p
Contoh target saya adalah http://mbrinformatique.com/
Ubah url nya menjadi
http://mbrinformatique.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php
Jika error, berarti vuln 😀
Langkah kedua, buka HTML Exploiter diatas dan edit bagian http://127.0.0.1/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/upload.php dengan web yang vuln.
save kembali lalu buka lewat browser. :p
nah tuh, upload shell nya lewat situ. maka kalo sudah sukses kalian akan mendapatkan nama acak. Misal :
1384522165528621b5f41fe.php
maka letak shell kalian ada di
- [localhost]/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/[randomname].php
Contoh :
- http://mbrinformatique.com/wp-content/plugins/woocommerce-custom-t-shirt-designer/includes/templates/template-black/designit/cs/uploadImage/1384522165528621b5f41fe.php
Kalo sudah seperti ituya terserah mau diapain -_-
Thanks to founder of this exploit :
Bebyyers404 | JKT48 CYBER TEAM – Black Devil Crew
Sekian tutorial kali ini semoga bermanfaat 🙂
keren kang 😀
Psang link saya gan. http://indonesian-hackerlink.blogspot.com/ . link agan sudah saya pasang, silakan cek http://indonesian-hackerlink.blogspot.com/2013/11/link-friends_17.html