[ Обзор уязвимостей WordPress ]

Discussion in 'Веб-уязвимости' started by ettee, 5 Oct 2007.

Page 17 of 19
  1. PoizOn

    PoizOn New Member

    Joined:
    6 Jun 2006
    Messages:
    5
    Likes Received:
    1
    Reputations:
    0
    Вот интересная бага:
    http://seclists.org/fulldisclosure/2015/Feb/75
    Но я до чего-то вразумительтного ее не докрутил
    admin.php?page=wc-reports&";><h1>
    admin.php?page=wc-reports&";><a>WOW</a>
     
    #321 PoizOn, 3 Aug 2015
  2. grimnir

    grimnir Members of Antichat

    Joined:
    23 Apr 2012
    Messages:
    1,114
    Likes Received:
    830
    Reputations:
    231
    _________________________
    #322 grimnir, 7 Dec 2015
    SuNDowN, Sleep and powerOfthemind like this.
  3. Sleep

    Sleep Elder - Старейшина

    Joined:
    31 Oct 2007
    Messages:
    274
    Likes Received:
    65
    Reputations:
    4
    Contact form 7

    Full Path Disclosure

    wp-content/plugins/contact-form-7/includes/upgrade.php
    /wp-content/plugins/contact-form-7/modules/acceptance.php
    /wp-content/plugins/contact-form-7/modules/akismet.php
    /wp-content/plugins/contact-form-7/modules/checkbox.php
    /wp-content/plugins/contact-form-7/modules/count.php
    /wp-content/plugins/contact-form-7/modules/date.php
    /wp-content/plugins/contact-form-7/modules/file.php
    /wp-content/plugins/contact-form-7/modules/flamingo.php
    /wp-content/plugins/contact-form-7/modules/jetpack.php
    /wp-content/plugins/contact-form-7/modules/listo.php
    /wp-content/plugins/contact-form-7/modules/number.php
    /wp-content/plugins/contact-form-7/modules/quiz.php
    /wp-content/plugins/contact-form-7/modules/really-simple-captcha.php
    /wp-content/plugins/contact-form-7/modules/recaptcha.php
    /wp-content/plugins/contact-form-7/modules/response.php
    /wp-content/plugins/contact-form-7/modules/select.php
    /wp-content/plugins/contact-form-7/modules/submit.php
    /wp-content/plugins/contact-form-7/modules/text.php
    /wp-content/plugins/contact-form-7/modules/textarea.php
     
    #323 Sleep, 4 Feb 2016
    Last edited: 4 Feb 2016
  4. grimnir

    grimnir Members of Antichat

    Joined:
    23 Apr 2012
    Messages:
    1,114
    Likes Received:
    830
    Reputations:
    231
    _________________________
    #324 grimnir, 8 Mar 2016
    sha9, Filipp, ..::TROYAN::.. and 1 other person like this.
  5. R3hab

    R3hab Member

    Joined:
    17 May 2015
    Messages:
    116
    Likes Received:
    8
    Reputations:
    6
    какие методы есть заливки шелла в wp?
     
    #325 R3hab, 20 Apr 2016
  6. powerOfthemind

    powerOfthemind New Member

    Joined:
    31 Jul 2015
    Messages:
    41
    Likes Received:
    4
    Reputations:
    1
    Смотря какие у тебя права в админк, если можешь редактировать шаблон то в страницу 404 пихаешь код шела и радуешься или через загрузку плагина, пакуешь в архив шел и льеш на сайт.
     
    #326 powerOfthemind, 20 Apr 2016
  7. .Light.

    .Light. Member

    Joined:
    12 Jul 2010
    Messages:
    195
    Likes Received:
    5
    Reputations:
    0
    WordPress Plugin Quick Page/Post Redirect Open Redirect Current plugin version: 5.1.3.
    WordPress Plugin WooCommerce-excelling eCommerce Cross-Site Scripting Current plugin version: 2.3.13.

    Есть чтонить под эти плагины?
     
    #327 .Light., 3 May 2016
  8. R3hab

    R3hab Member

    Joined:
    17 May 2015
    Messages:
    116
    Likes Received:
    8
    Reputations:
    6
    есть что нибудь на WordPress 4.4.4 ?
     
    #328 R3hab, 23 Aug 2016
  9. SaNDER

    SaNDER Banned

    Joined:
    9 Jul 2015
    Messages:
    213
    Likes Received:
    15
    Reputations:
    3
    Я нашёл токо это,но XSS ^.^
    сайт.ру/wp-admin/customize.php?theme=<svg onload=alert(1)>
     
    #329 SaNDER, 23 Aug 2016
  10. headWoW

    headWoW New Member

    Joined:
    26 Jun 2015
    Messages:
    4
    Likes Received:
    0
    Reputations:
    0
    Как можно взломать WP сайт посоветуйте способы
     
    #330 headWoW, 25 Aug 2016
  11. SaNDER

    SaNDER Banned

    Joined:
    9 Jul 2015
    Messages:
    213
    Likes Received:
    15
    Reputations:
    3
    Версию WP.
     
    #331 SaNDER, 29 Aug 2016
  12. powerOfthemind

    powerOfthemind New Member

    Joined:
    31 Jul 2015
    Messages:
    41
    Likes Received:
    4
    Reputations:
    1
    Cmsmap просканируй ,посмотри какие плагины стоят, потом ищи под них сплоит или ищи сам дыры в плагинах
     
    #332 powerOfthemind, 30 Aug 2016
  13. .Light.

    .Light. Member

    Joined:
    12 Jul 2010
    Messages:
    195
    Likes Received:
    5
    Reputations:
    0
    как узнать полный путь версия 4.6
     
    #333 .Light., 19 Sep 2016
  14. nikrus

    nikrus New Member

    Joined:
    23 Sep 2016
    Messages:
    4
    Likes Received:
    0
    Reputations:
    0
    Доброго времени суток. Есть необходимость получить доступ к админке wordpress 4.5.2. Возможно ли такое?
     
    #334 nikrus, 23 Sep 2016
  15. Sensoft

    Sensoft Member

    Joined:
    14 Jun 2015
    Messages:
    398
    Likes Received:
    38
    Reputations:
    1
    Попробуй эксплоит найти но я посмотрел не нашёл, и проскань впсканом
     
    #335 Sensoft, 23 Sep 2016
    Last edited: 24 Sep 2016
  16. nikrus

    nikrus New Member

    Joined:
    23 Sep 2016
    Messages:
    4
    Likes Received:
    0
    Reputations:
    0
    Впскан не кажет уязвимостей... Вопрос актуален, естественно все труды будут оплачены.
     
    #336 nikrus, 24 Sep 2016
  17. Sensoft

    Sensoft Member

    Joined:
    14 Jun 2015
    Messages:
    398
    Likes Received:
    38
    Reputations:
    1
    кинь ссылку в лс
     
    #337 Sensoft, 24 Sep 2016
  18. nikrus

    nikrus New Member

    Joined:
    23 Sep 2016
    Messages:
    4
    Likes Received:
    0
    Reputations:
    0
    Вопрос по админке актуален
     
    #338 nikrus, 27 Sep 2016
  19. jakonda1001

    jakonda1001 New Member

    Joined:
    17 Mar 2016
    Messages:
    178
    Likes Received:
    3
    Reputations:
    0
    скинь в личку
     
    #339 jakonda1001, 28 Sep 2016
  20. nikrus

    nikrus New Member

    Joined:
    23 Sep 2016
    Messages:
    4
    Likes Received:
    0
    Reputations:
    0
    Народ, неужели это нереально?
     
    #340 nikrus, 29 Sep 2016
(You must log in or sign up to post here.)
Page 17 of 19
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.