Local File Disclosure WordPress Theme Elegance

sumber : https://www.exploit-db.com/exploits/39333
dork : inurl:wp-content/themes/elegance/
exploit : wp-content/themes/elegance/lib/scripts/dl-skin.php

scrift html masternya :

Download:

testing
target : https://larsenintermodal.com/

buat file htmlnya

Download:

kemudian buka file htmlnya di browser , trus submit , maka si exploit langsung ngedownload /etc/passwd servernya

testing
target : https://larsenintermodal.com/

buat file htmlnya

Download:

kemudian buka file htmlnya di browser , trus submit , maka si exploit langsung ngedownload /etc/passwd servernya

bisa dibuat remote dong

wah mantap nih ada targetnya juga :love_hotel: