So now let's begin.
- First, find some vulnerable sites by using the Google dork inurl:"plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1"
- After getting a vulnerable site, upload your file. It would look something like this
- To access your uploaded file, change the URL from http://www.example.com/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php to http://www.example.com/wp-content/uploads/tdomf/tmp/1/
- If the site is vulnerable, then it will open something like this
- These are the IP addresses. To access your uploaded file, click on your IP address. After that, it will show your uploaded file like this
- Boom! Now you are successfully done. You can also upload a shell by changing the extension of the shell from shell.php to shell.php;.jpg.
Note: This is for educational purposes only, and we are not responsible for any harm or illegal activity done by you.
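On the defending side, the requests described above leave a recognizable trail in the web server's access log. The following added example (not part of the original post) flags them in common/combined-format log lines. The sample log lines, the IP addresses and the per-IP subdirectory layout are constructed for illustration, and the reason labels are names chosen here.

```python
import re
from urllib.parse import unquote, urlsplit

# Paths named on this page: the plugin's inline upload handler and its temp upload directory.
UPLOAD_HANDLER = "/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php"
TMP_DIR = "/wp-content/uploads/tdomf/tmp/"
# Script extension in the last path segment, either final or followed by a
# masking suffix such as "shell.php;.jpg".
SCRIPT_EXT = re.compile(r"\.(?:php\d?|phtml|phar)(?:[;.\s][^/]*)?$", re.I)
# Common/combined log format: client, timestamp, "METHOD target PROTO", status.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def classify(line):
    """Return (client, status, reasons) for a relevant log line, else None."""
    m = LINE.match(line)
    if not m:
        return None
    client, method, target, status = m.groups()
    # urlsplit keeps ";..." inside the path; unquote decodes %3B to ";".
    path = unquote(urlsplit(target).path)
    reasons = []
    if method == "POST" and path.endswith(UPLOAD_HANDLER):
        reasons.append("upload-post")
    if TMP_DIR in path:
        reasons.append("tmp-dir-access")
        if SCRIPT_EXT.search(path):
            reasons.append("script-extension-in-upload")
    return (client, int(status), reasons) if reasons else None

def scan(lines):
    """Classify every line and keep only the ones that matched a rule."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [12/Mar/2024:10:01:40 +0000] "POST /wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1 HTTP/1.1" 200 734',
    '203.0.113.7 - - [12/Mar/2024:10:02:05 +0000] "GET /wp-content/uploads/tdomf/tmp/1/ HTTP/1.1" 200 1010',
    '203.0.113.7 - - [12/Mar/2024:10:02:19 +0000] "GET /wp-content/uploads/tdomf/tmp/1/203.0.113.7/shell.php%3B.jpg HTTP/1.1" 200 88',
    '198.51.100.23 - - [12/Mar/2024:10:03:00 +0000] "GET /wp-content/uploads/2024/03/photo.jpg HTTP/1.1" 200 40211',
]

if __name__ == "__main__":
    for client, status, reasons in scan(SAMPLE_LOG):
        print(client, status, ",".join(reasons))
```

A 200 status on a `tmp-dir-access` hit means the temporary upload directory is being served directly, and a `script-extension-in-upload` hit is the one to investigate first.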