# Title: RCE in Social Warfare Plugin Wordpress ( <=3.5.2 )
# Date: March, 2019
# Researcher: Luka Sikic
# Exploit Author: hash3liZer
# Download Link: https://wordpress.org/plugins/social-warfare/
# Reference: https://wpvulndb.com/vulnerabilities/9259?fbclid=IwAR2xLSnan=ccqwZNqc2c7cIv447Lt80mHivtyNV5ZXGS0ZaScxIYcm1XxWXM
# Github: https://github.com/hash3liZer/CVE-2019-9978
# Version: <= 3.5.2
# CVE: CVE-2019-9978
import os
import mechanize
import urllib
import urllib2
import re
import json
def rand_gen_phone():
    phone = '081'
    for i in range(9):
"""
@WIFI.ID BYPASS WITH PYTHON
How to use:
- Install python.
- Install the mechanize library.
- Run with the command: python namafile.py
- Wait, then try browsing.
"""
#! /usr/bin/env python
"""
Technical Explanation: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
REST API Wordpress reference: https://developer.wordpress.org/rest-api/reference/posts/#update-a-post
Wordpress Version Affected: 4.7.0/4.7.1
2017 - Coded by snoww0lf.
"""
import re