what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress SB Uploader Shell Upload

WordPress SB Uploader Shell Upload
Posted Feb 22, 2012
Authored by JingoBD

WordPress SB Uploader suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 09540ead48d9b07bb24b81a82dcf0e7504f9c95e04a027b3e35a157f61d8b56d

WordPress SB Uploader Shell Upload

Change Mirror Download
=================================================================
# Title: Wordpress SB Uploader Plugin Shell Upload Vulnerability
# Author: JingoBD
# Category: webapps
# Team: Bangladesh Cyber Army
# Greetz: Bedu33n,N!1L,Rex0Man & All Member of BCA.
# http://facebook.com/life.is.code
# Plugin URI: http://wordpress.org/extend/plugins/sb-uploader/
# Plugin Description: Allows the simple uploading of images to posts,
pages, categories and custom post types/taxonomies. Provides
shortcodes and PHP functions for easy addition to your site.
# Version: 3.2 (Last Version)
# Risk : High
Tested on: Linux (Ubuntu)
--------------------------------
-[Exploit]-:
1. Dork: inurl:plugins/sb-uploader
2. Register vulnerable site. www.site.com/wp-register.php [N.B: If
public registration disable This exploit is not work]
3. Confrim your email, then login.
4. Add a new post. title,body something if you want. Look right
slidbar "SB Uploader" panel and upload a shell[PHP Shell]. Then
publish this post.
5. Now You get a new url. like: ""
Existing Post Image URL: /wp/wp-content/uploads/2012/02/img1.php
That is your shell Link. ""
---------------------------------
Thanks to ALLAH, who give me knowledge.
Long Live Bangladesh
My team Facebook Group: http://facebook.com/groups/bdcyberarmy
Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close