WordPress Easy Comment Upload Vunerablity
Google Dork
"inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
/wp-content/plugins/easy-comment-uploads/upload-form.php
Index of /wp-content/plugins/easy-comment-uploads
Open Google and enetr any dork which Given,
Now selct any website
and goto this url site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
You'll Got Upload Option here :)
Now Upload Your Deface ....
and check it here site.com/wp-content/uploads/2011/05/yourfilehere
Note :- In some websites you can Upload your deface in txt on only ... and you can upload shell in 50% sites only ... upload shell in image format ex; shell.asp;.jpg
Live Demo :-
http://equator-indonesia.com/
http://equator-indonesia.com/wp-content/plugins/easy-comment-uploads/
http://www.findthepearl.com/wp-content/plugins/easy-comment-uploads/upload-form.php
http://equator-indonesia.com/wp-content/uploads/2011/11/hacked.tx
No comments:
Post a Comment