Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:30139
HistoryFeb 22, 2012 - 12:00 a.m.

Wordpress SB Uploader Plugin Shell Upload Vulnerability

2012-02-2200:00:00
Root
www.seebug.org
32
JSON

No description provided by source.


                                                =================================================================
# Title: Wordpress SB Uploader Plugin Shell Upload Vulnerability
# Author: JingoBD
# Category: webapps
# Team: Bangladesh Cyber Army
# Greetz: Bedu33n,N!1L,Rex0Man & All Member of BCA.
# http://facebook.com/life.is.code
# Plugin URI: http://wordpress.org/extend/plugins/sb-uploader/
# Plugin Description: Allows the simple uploading of images to posts,
pages, categories and custom post types/taxonomies. Provides
shortcodes and PHP functions for easy addition to your site.
# Version: 3.2 (Last Version)
# Risk : High
Tested on: Linux (Ubuntu)
--------------------------------
-[Exploit]-:
1. Dork: inurl:plugins/sb-uploader
2. Register vulnerable site. www.site.com/wp-register.php [N.B: If
public registration disable This exploit is not work]
3. Confrim your email, then login.
4. Add a new post. title,body something if you want. Look right
slidbar "SB Uploader" panel and upload a shell[PHP Shell]. Then
publish this post.
5. Now You get a new url. like: ""
Existing Post Image URL: /wp/wp-content/uploads/2012/02/img1.php
That is your shell Link. ""
---------------------------------
Thanks to ALLAH, who give me knowledge.
Long Live Bangladesh
My team Facebook Group: http://facebook.com/groups/bdcyberarmy
JSON