Blogs
Last updated
Was this helpful?
Last updated
Was this helpful?
Extends > Themes "Helloworld" > Save
System > Backup > Content > Files > Save something
System > Settings > Maintenance Mode <?php phpinfo(); ?> ..Save
Plugins are often exploitable
searchsploit
github 'issues'
- Also has webapp/cms/scanner
Obtain Admin credentials > Activate My image plugin by visiting
Upload PHP shell, ignore warnings Visit
No matter what you NAME the php upload.. it will ALWAYS be "image.php" after uploading
TartarHTB
REF: Redteam CTF Defcon Pivonka found this vuln on his own! Actually a pubic/known exploit