
WordPress WPtouch Mobile 3.4.5 Shell Upload

Posted on 27 August 2014

Wordpress WPtouch Mobile Plugin File Upload Vulnerability
=====================================================

[ASCII-art banner: Don Tukulesto, www.indonesiancoder.com]

Found by     : k4L0ng666 (k4L0ng666@indonesiancoder.com)
Submitted by : Don Tukulesto (root@indonesiancoder.com)
Homepage     : http://indonesiancoder.com
Published    : August 26, 2014
Tested On    : OS X 10.9.4

=====================================================
| Software Info |
=====================================================

[>] Download       : http://downloads.wordpress.org/plugin/wptouch.3.4.5.zip
[>] Software       : WPtouch Mobile Plugin - Wordpress Plugin
[>] Plugin Version : 3.4.5
[>] Vulnerability  : File upload

I. Proof of Concept
=====================================================

Any .php file can be sent through the plugin's uploader; the uploaded file (the backdoor) can then be found at /wp-content/wptouch-data/. See image below.

II. Vendor patch
=====================================================

The vendor currently provides no patch or upgrade, because 3.4.5 is the latest version. m/

=====================================================

WE ARE ONE UNITY, WE ARE A CODER FAMILY AND WE ARE INDONESIAN CODER

[>] Malang Cyber Crew ~ Magelang Cyber ~ Exploit-ID ~ Kill-9 Crew ~ Jatimcom

"People should not be afraid of their governments. Governments should be afraid of their people." -V
"Knowledge, like air, is vital to life. Like air, no one should be denied it." ~(^_^)~

=====================================================
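The advisory names /wp-content/wptouch-data/ as the directory where an uploaded script lands. The script below is an added defensive example, not part of the advisory and not code from the WPtouch project: it checks that directory for server-side script files (a cheap triage for a site that ran the affected version) and writes an Apache .htaccess that refuses to serve such files from it. It assumes a POSIX shell with find(1) and mktemp(1), and that the site runs under Apache 2.4 with AllowOverride enabled for the directory (both assumptions). The WordPress tree it scans when run without arguments is constructed inside the script for demonstration.

```shell
#!/bin/sh
# Added defensive example, not part of the advisory or the WPtouch plugin.
# Assumes a POSIX shell with find(1)/mktemp(1) and an Apache 2.4 host that
# honours per-directory .htaccess files (assumption).

# list_scripts DIR: print every file under DIR whose extension marks it as
# server-side code (PHP and its common aliases).
list_scripts() {
    find "$1" -type f \( -iname '*.php' -o -iname '*.phtml' \
        -o -iname '*.phar' -o -iname '*.php[3-7]' \) -print
}

# scan_wptouch_data WP_ROOT: inspect the directory the advisory names as the
# upload location. Prints each suspicious file; returns 0 when clean,
# 1 when script files were found, 2 when the directory does not exist.
scan_wptouch_data() {
    dir="$1/wp-content/wptouch-data"
    [ -d "$dir" ] || return 2
    hits=$(list_scripts "$dir" | wc -l | tr -d ' ')
    list_scripts "$dir"
    [ "$hits" -eq 0 ]
}

# write_deny_php_htaccess DIR: drop an .htaccess into DIR so Apache refuses to
# serve (and therefore to execute) script files from it, whatever gets uploaded.
# Apache 2.4 syntax; Apache 2.2 would use "Deny from all" instead.
write_deny_php_htaccess() {
    cat > "$1/.htaccess" <<'EOF'
# Uploaded content only: never execute scripts from this directory.
<FilesMatch "\.(php|phtml|phar|php[3-7])$">
    Require all denied
</FilesMatch>
EOF
}

# make_fixture: build a constructed WordPress tree in a temp directory with one
# legitimate cached asset and one placeholder .php file standing in for an
# uploaded backdoor (it holds only a comment). Prints the root path.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/wp-content/wptouch-data/cache"
    printf 'body{margin:0}\n' > "$root/wp-content/wptouch-data/cache/style.css"
    printf '<?php /* constructed placeholder, not real code */\n' \
        > "$root/wp-content/wptouch-data/uploaded.php"
    echo "$root"
}

# Stand-alone use: "sh scan_wptouch.sh /var/www/html" scans a real site root;
# with no argument it scans the constructed fixture, then hardens it.
if [ -n "${1:-}" ]; then
    scan_wptouch_data "$1"
    case $? in
        0) echo "clean: $1/wp-content/wptouch-data" ;;
        1) echo "script files found under $1/wp-content/wptouch-data" ;;
        *) echo "no wptouch-data directory under $1" ;;
    esac
else
    demo_root=$(make_fixture)
    if scan_wptouch_data "$demo_root"; then
        echo "clean"
    else
        echo "script files found under $demo_root/wp-content/wptouch-data"
        write_deny_php_htaccess "$demo_root/wp-content/wptouch-data"
        echo "wrote $demo_root/wp-content/wptouch-data/.htaccess"
    fi
    rm -rf "$demo_root"
fi
```

The extension scan is only a first pass: a file renamed to .jpg that Apache is not configured to run is harmless, while a .php under a misconfigured handler is not, so compare the directory's contents against what the plugin legitimately writes there rather than trusting the extension list alone. The .htaccess rule only helps where Apache processes per-directory overrides; on nginx the equivalent is a location block that never passes files from that path to PHP-FPM.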