lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 16 Jan 2017 15:17:13 +0100
From: "Diego" <diego@...goceldran.es>
To: <fulldisclosure@...lists.org>
Subject: [FD] New exploit for new vulnerability in WordPress Plugin +
	tutorial

Hi guys.

 

I foun’t a new vulnerabiliti in a wordpress plugin called: “Direct Download
for WooCommerce”.

 

This vulnerability allow you make an Remote LFI download, so, we can
download any in the server where we’re running this plugin, I foun’t this
vulnerability the last week and I reported this to Kameleon but i don’t know
if this bug is partched right now in a new versión.

 

I’ve been written an exploit to this plugin in Python. This exploit allow
you:

 

-          Test if the plugin exists in the server.

-          Download any file from the server where the WordPress plugin is
running.

-         Select any option by default or make your own personalized
download.

 

I published this exploit in my website today, here you’ve got the direct
link:

http://www.diegoceldran.es/producto/remote-lfi-for-direct-download-for-wooco
mmerce-up-to-v1-15/

 

Thanks for all!

 

-------- UPDATE --------

To see an completly tutorial about how to use this exploit you’ve got it in:

http://www.diegoceldran.es/how-to-use-exploit-remote-lfi-for-direct-download
-for-woocommerce-up-to-v1-15/

 


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists