Friday, March 1, 2013

|| WORDPRESS SHELL UPLOAD BYPASS ||



METHOD GIVEN BY MY DEAR FRIEND MAURITANIA ATTACKER TO BYPASS SHELL UPLOAD IN WORDPRESS

LET'S START

1. LOGIN IN TO YOU WORDPRESS
2. GO TO PLUGINS
3. CLICK ON UPLOAD NEW PLUGIN
4. UPLOAD THIS ZIP
5. TO FIND YOUR SHELL GO TO
   Site.com/wp-content/plugins/stats/instoll.php
6. YOU SHOULD HAVE YOUR SHELL THEIR

ALSO REFER TO THE OLD METHOD I POSTED TO UPLOAD SHELL IN WORDPRESS
HERE

5 comments:

  1. Dont mind but i have a better idea :D

    It could be better if we upload and install a theme instead as in our theme pack the index.php is the deface page and put any other php with backdoor.,so after upload if we just activate that theme the site will be defaced and we have a shell too.

    upload theme >> /wp-admin/theme-install.php?tab=upload
    your shell loc >> /wp-content/themes/themename/shell.php

    ReplyDelete
  2. Thank you very much bro..! It helped me a lot!

    ReplyDelete
  3. hhmm nice, but after uploading zip file its ask for FTP password... :/

    ReplyDelete
  4. What is the password to access the wp-contents/plugins/stats/instoll.php

    ReplyDelete