Thursday, February 23, 2017

Wordpress Plugins impact template editor KCFinder Shell Upload


#- Title: Wordpress Plugins impact-template-editor KCFinder Shell Upload
#- Author: Putra Attacker
#- Date: -
#- Developer : WPEka Club
#- Link Download : wordpress.org/plugins/impact-template-editor/
#- Google Dork: inurl:"/plugins/impact-template-editor/"
#- Fixed in Version : -
#- Tested on : win
=======================================================

-- Proof Of Concept --




Vulnerable : /wp-content/plugins/impact-template-editor/lib/kcfinder/browse.php

When vulnerable : the page looks like KCFinder.

Method :
1. Upload your shell. The .php extension is not allowed, so you can upload your shell with the extension .php.asp / .php.pler
2. If successfully uploaded, find your shell.
Example :

browser.uploadURL = "/upload";
browser.dir = "impact";

See, you can find your shell here.
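
A defender-side filename check for the extension bypass described above, as an added example that is not part of the original advisory or the plugin's code. It rejects a name when any dot-separated segment is a script extension, not only the last one, because a web server that maps handlers per segment (for example Apache with AddHandler) can run `name.php.pler` as PHP. The function names, extension lists and sample names are assumptions made for this example.

```python
import os
import re

# Assumed block list of server-side script extensions; match it to the
# handlers actually mapped on the web server.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht",
               "asp", "aspx", "jsp", "cgi", "pl", "py", "sh"}
# Assumed allow list for a template/media uploader.
ALLOWED_FINAL_EXTS = {"jpg", "jpeg", "png", "gif", "pdf", "txt", "css"}
# Must start with an alphanumeric, so dotfiles such as .htaccess are refused.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


def check_upload_name(filename):
    """Return (ok, reason) for a client-supplied upload filename."""
    name = os.path.basename(filename.replace("\\", "/"))
    if name != filename or not SAFE_NAME.match(name):
        return False, "unsafe characters or path components"
    segments = name.lower().split(".")
    if len(segments) < 2 or "" in segments:
        return False, "missing or empty extension"
    exts = segments[1:]
    # Inspect every segment: checking only the last one is what lets
    # names like shell.php.pler through.
    hits = [e for e in exts if e in SCRIPT_EXTS]
    if hits:
        return False, "script extension in name: ." + hits[0]
    if exts[-1] not in ALLOWED_FINAL_EXTS:
        return False, "final extension not allowed: ." + exts[-1]
    return True, "ok"


def audit_tree(root):
    """List files already under an upload directory that fail the check."""
    bad = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            ok, reason = check_upload_name(f)
            if not ok:
                bad.append((os.path.join(dirpath, f), reason))
    return sorted(bad)


if __name__ == "__main__":
    # Constructed sample names, not taken from a real site.
    for n in ["logo.png", "shell.php.pler", "x.php.asp", "notes.pler"]:
        print(n, check_upload_name(n))
```

`audit_tree` can be pointed at the plugin's upload directory to list files that were stored before such a check existed.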