Title: WordPress plugin wp-catpro arbitrary file upload
Author: admin   Posted: 2013-2-27 20:12

Wordpress plugins - wp-catpro Arbitrary File Upload Vulnerability
#-----------------------------------------------------------------------
Author => Zikou-16
Email => zikou16x@gmail.com
Tested on: Windows 7, Backtrack 5r3
Download: http://xmlswf.com/images/stories/WP_plugins/wp-catpro.zip
####

#=> Exploit info:
------------------
# An attacker can upload file/shell.php.gif
# ("jpg", "gif", "png") // Allowed file extensions
# "/uploads/"; // The path where we will save the file (getcwd() may not be reliable and should be tested in your environment)
# '.A-Z0-9_ !@#$%^&()+={}\[\]\',~`-'; // Characters allowed in the file name (in a Regular Expression format)
------------------
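The post above quotes two upload settings (an extension whitelist and a filename character class) and shows that `shell.php.gif` gets through them. The following Python is an added example, not code from the wp-catpro plugin or from the advisory's author: it reproduces the two quoted settings as a whitelist check of the kind the advisory defeats, shows that `shell.php.gif` satisfies both, and places a hardened check beside it. The magic-byte table, the rule of "exactly one dot", and the random server-side filename are assumptions of this example, not something the plugin does.

```python
import re
import secrets
from typing import Optional

# Settings copied from the advisory's quoted configuration.
ALLOWED_EXT = ("jpg", "gif", "png")
# The quoted character class, applied case-insensitively as a typical upload
# script would; note that "." is an allowed character, so any number of dots pass.
NAME_CHARS = re.compile(r"^[.A-Z0-9_ !@#$%^&()+={}\[\]',~`-]+$", re.IGNORECASE)

# Assumed magic bytes for the three whitelisted image types (example, not from the plugin).
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}


def weak_is_allowed(filename: str) -> bool:
    """Whitelist check of the kind the advisory defeats: character class plus
    last extension only. 'shell.php.gif' passes because its final extension
    is gif and every character is in the allowed class."""
    if not NAME_CHARS.match(filename):
        return False
    if "." not in filename:
        return False
    ext = filename.rsplit(".", 1)[-1].lower()
    return ext in ALLOWED_EXT


def safe_upload_name(filename: str, data: bytes) -> Optional[str]:
    """Hardened variant (assumed policy, not the plugin's):
    - same character class, so nothing outside it is ever accepted;
    - exactly one dot, so multi-extension names such as shell.php.gif are rejected;
    - extension must be whitelisted AND the content must start with that type's magic;
    - the stored name is random with a single whitelisted extension, so the client
      never controls the basename the web server sees.
    Returns the name to store the file under, or None to reject."""
    if not NAME_CHARS.match(filename):
        return None
    parts = filename.split(".")
    if len(parts) != 2 or not parts[0]:
        return None
    ext = parts[1].lower()
    if ext not in ALLOWED_EXT:
        return None
    if not data.startswith(MAGIC[ext]):
        return None
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample uploads: a PHP payload named to pass the weak check,
    # and a real-looking GIF header.
    php_payload = b"<?php system($_GET['c']); ?>"
    gif_header = b"GIF89a" + b"\x00" * 10
    print("weak check, shell.php.gif:", weak_is_allowed("shell.php.gif"))
    print("hardened, shell.php.gif:", safe_upload_name("shell.php.gif", php_payload))
    print("hardened, photo.gif:", safe_upload_name("photo.gif", gif_header))
```

Rejecting multi-dot names and renaming on the server are what close the hole the advisory exploits; the magic-byte check alone does not, because a valid GIF header with PHP appended still passes it. Storing uploads under a directory where the web server is configured not to execute scripts is the complementary control.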