Cre : https://medium.com/@fcwdbrqmr/400-bounty-again-using-google-dorks-6dc8e438f017
I often use google dork while pentesting any target
- I hope everyone know how to use Google Dorks. You guys know that google dorking is playing main role in Hacking
Let start
- Choose a target and start subdomain enumeration with httpx
- After done with my subdomain enumeration I have found that one of the subdomain is managed with Wordpress
- His mind says try to bypass Wordpress login . Let’s turn on Hacker mode
- Đầu tiên , t sẽ sử dụng wayback urls để xem lại tất cả list URL, OK tìm thấy một url khả nghi
- example.com/wp-content/uploads/2021/
Oh , nó chặn r .
Và bằng một cách thần kì nào đấy , wordpress lại m khóa endpoint example.com/wp-inc/ và xong , attacker có thể tải file endpoint wordpress về , có wordpress-db đấy , toang luôn