———————————————————————
– Dork : inurl:/wp-content/plugins/reflex-gallery/
– Exploit : wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
– Vuln : {"error":"No files were uploaded."}
– My Site Vuln: http://sjoyster.com/
– Script CSRF :
————————————————————————
Okay, let's go to the tutorial
– Save the CSRF script [ reflex.html ]
– Change the site to the vulnerable site
– Save
– Check the vuln
– Oh yeah, that vuln
– Open the script in the browser
– Upload your shell
– bcc.php is my shell
– Click “Pwn!”
– Success
– Open your Shell in the :
[site.com]/wp-content/uploads/shell.php
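
On the server side, the steps above leave two traces in the web access log: requests to the plugin's FileUploader/php.php endpoint and, afterwards, a PHP file being served from wp-content/uploads. The following is an added example, not part of the original post, that flags both; it assumes Combined Log Format, and the sample log lines and IP addresses are constructed.

```python
import re
from urllib.parse import unquote

# Paths taken from the page: the plugin's upload endpoint and the uploads directory.
UPLOADER = "/wp-content/plugins/reflex-gallery/admin/scripts/fileuploader/php.php"
PHP_IN_UPLOADS = re.compile(r"/wp-content/uploads/.*\.(?:php\d?|phtml)(?:/|$)", re.I)

# Assumed format: Combined Log Format, as written by Apache and nginx by default.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def scan(lines):
    """Return (kind, ip, timestamp, path) for each suspicious 2xx request."""
    findings, posters = [], set()
    for line in lines:
        m = LINE.match(line)
        if not m or not m["status"].startswith("2"):
            continue
        # Drop the query string, then decode %-escapes, before matching.
        path = unquote(m["path"].split("?", 1)[0])
        if path.lower() == UPLOADER:
            if m["method"] == "POST":
                posters.add(m["ip"])
                kind = "uploader_post"
            else:
                kind = "uploader_probe"
        elif PHP_IN_UPLOADS.search(path):
            # PHP served from the uploads directory is abnormal on its own;
            # it is higher priority when the same client posted to the uploader.
            kind = "php_in_uploads_after_post" if m["ip"] in posters else "php_in_uploads"
        else:
            continue
        findings.append((kind, m["ip"], m["ts"], path))
    return findings

# Constructed sample lines (documentation IP ranges, not real traffic).
_EP = "/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php"
SAMPLE = [
    f'203.0.113.7 - - [10/Mar/2015:10:01:02 +0000] "GET {_EP} HTTP/1.1" 200 36 "-" "-"',
    f'203.0.113.7 - - [10/Mar/2015:10:02:10 +0000] "POST {_EP} HTTP/1.1" 200 18 "-" "-"',
    '203.0.113.7 - - [10/Mar/2015:10:02:40 +0000] "GET /wp-content/uploads/bcc.php HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.9 - - [10/Mar/2015:10:03:00 +0000] "GET /wp-content/uploads/photo.jpg HTTP/1.1" 200 48211 "-" "-"',
    '198.51.100.9 - - [10/Mar/2015:10:04:00 +0000] "GET /wp-content/uploads/old.php HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding, sep="  ")
```

A php_in_uploads hit is worth investigating even without a matching POST, since WordPress does not normally serve PHP from the uploads directory.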