07-27-2013, 07:03 PM
(07-24-2013, 12:44 AM)dharaninja Wrote:Mengamankan halaman login wordpress dengan tampilan 404 Not Found, sebenarnya sama konsepnya kayak webshell WSO, 1n73ction. Jadi, pas pertama dibuka halaman loginnya, tampilannya 404 Not Found. Namun, kalau klik Tab dan masukan password maka akan tampil halaman login wordpress yang asli. Oke, gak usah basa basi langsung saja ke inti.
PHP Code:<?php
error_reporting(E_ALL^(E_NOTICE|E_WARNING));
//authentication
$auth_pass = "[color=#FF0000]e25b9a5d4b937a9853d1f5bbd8d51ef4[/color]"; //password ente dlm bentuk md5
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if( get_magic_quotes_gpc() ) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
?>
<title>404 Not Found</title>
<h1>404 Not Found</h1>
<p>The requested URL was not found on this server.</p>
<p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server <?=$_SERVER['HTTP_HOST']?> at Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<pre align=center>
<form method=post>
<input type=password name=pass>
</form></pre>
<?php
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
if( strtolower( substr(PHP_OS,0,3) ) == "win" )
$os = 'win';
else
$os = 'nix';
$safe_mode = @ini_get('safe_mode');
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if( isset( $_POST['c'] ) )
@chdir($_POST['c']);
$cwd = @getcwd();
if( $os == 'win') {
$home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
}
if( $cwd[strlen($cwd)-1] != '/' )
$cwd .= '/';
if($os == 'win')
$aliases = array(
);
else
$aliases = array(
);
Code di atas adalah code php untuk fungsi login 404 Not Foundnya. Nah terus codenya, dicopy paste di halaman wp-login.php dengan mengganti tag <?php dengan script diatas. Jadi scriptnya seperti ini.
PHP Code:<?php
error_reporting(E_ALL^(E_NOTICE|E_WARNING));
//authentication
$auth_pass = "[color=#FF0000]eab5e609f5291654e2ceb84ff6c9556a[/color]"; //password ente dlm bentuk md5
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if( get_magic_quotes_gpc() ) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
?>
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server <?=$_SERVER['HTTP_HOST']?> at Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<pre align=center>
<form method=post>
<input type=password name=pass>
</form></pre>
<?php
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
if( strtolower( substr(PHP_OS,0,3) ) == "win" )
$os = 'win';
else
$os = 'nix';
$safe_mode = @ini_get('safe_mode');
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if( isset( $_POST['c'] ) )
@chdir($_POST['c']);
$cwd = @getcwd();
if( $os == 'win') {
$home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
}
if( $cwd[strlen($cwd)-1] != '/' )
$cwd .= '/';
if($os == 'win')
$aliases = array(
);
else
$aliases = array(
);
/**
* WordPress User Page
*
* Handles authentication, registering, resetting passwords, forgot password,
* and other user handling.
*
* @package WordPress
*/
[color=#1E90FF]lanjut script wp-login.php[/color]
<?php
login_footer();
break;
} // end action switch
untuk demonya
/wp-login.php
password = canyouguessit
nice share,,