dr.d3v1l Posted June 5, 2012 Report Posted June 5, 2012 # Exploit Title: [Wordpress Upload Form Vuln]# Vendor or Software Link: none# Version: 3.2.1# Category:: [webapps,]# Google dork: [inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php]# Tested on: [Windows XP Service Pack 3]# Demo site: fashion-course.com - fashion-course Resources and Information.Example: shell fashion-course.com - fashion-course Resources and Information. Quote
ionutz15 Posted June 5, 2012 Report Posted June 5, 2012 In ce format trebuie urcat shell'u?You are attempting to upload a file with a disallowed/unsafe filetype!Am incercat cu c99.php Quote
SirGod Posted June 5, 2012 Report Posted June 5, 2012 Dupa cate vad la demo poti uploada fisiere PHTML. Din cate stiu eu serverul trebuie configurat ca sa le poata "rula". Majoritatea nu sunt (probabil nu iti va merge in niciunul dintre cazuri - le vei putea uploada, dar nu vor fi 'rulate', probabil o sa iti tranteasca un dialog de download sau sa iti afiseze continutul direct in browser). Quote
gugustiuc Posted June 9, 2012 Report Posted June 9, 2012 mda parca a mai fost postat acum ceva timp pe aici...pe majoritatea se pot urca doar .jpg Quote
