Header Ads

Deface CMS Wordpress | Add Admin






langsung aja ya gan gak usah banyak cocot :v

Bahan :

Dork :  Inurl:/wp-login.php?action=register
            Inurl:/register-2/
            inurl:/wp-content/themes/averin
            inurl:/wp-content/themes/dagda
            Intext: Powered by Wordpress
            ( kembangin dork nya ya mas )

Exploit : /wp-admin/theme-editor.php

Rokok surya + Kopi hitam biar lu gk stress :v


Tutorialnya :

Dorking di google pilih salah satu site





Kalo vuln maka kayak gini, klik register/daftar






Isi form nya dengan email lu yang aktif terus klik register /daftar




Buka email cari pesan konfirmasi register tadi terus klik link konfirmasinya




Tinggal login dah taraaaa masuk dashboard :v





Upload shell gimana? Use your brain bro masa di suapin terus :v

Nih hasil deface saya http://www.approachingwomenfast.com/


Sekian.




3 comments:

  1. Thanks for sharing this quality information with us. I really enjoyed reading. Will surely going to share this URL with my friends. logo design

    ReplyDelete