Last active May 4, 2017 06:04
Are you vulnerable to https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html
<?php
// Check if your WordPress install is vulnerable to
// https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html
//
// After you've saved this to your docroot/wp-content folder, you can call
// curl -sH "Host: vulnerable" http://example.com/wp-content/vars.php | grep SERVER_NAME | grep vulnerable
// where example.com is your actual WordPress domain.
//
// If you see nothing, you're fine; you're either running nginx or the patched version of WordPress.
// If you see [SERVER_NAME] => vulnerable, then you should patch ASAP
//
// See this thread for details on how Apache's UseCanonicalName
// might also help: https://twitter.com/FiLiS/status/859865482215784448
//
// Delete the vars.php file once you know either way!
//
// @jaygooby on Twitter
print_r($_SERVER);
?>
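An added example, not part of the original gist: a shell helper that classifies the response to the curl check above, so that a 404 or a request answered by a different virtual host is not mistaken for a clean result the way empty grep output would be. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the gist author's code): classify the print_r($_SERVER)
# dump returned by vars.php.
#
# classify_dump MARKER  reads the response body on stdin and prints one of:
#   vulnerable     SERVER_NAME equals the spoofed Host value
#   not-reflected  SERVER_NAME is present but is not the spoofed value
#   no-data        no SERVER_NAME line (404, other vhost answered, file deleted)
classify_dump() {
    marker=$1
    # print_r renders each entry as "    [KEY] => value"
    name=$(sed -n 's/^[[:space:]]*\[SERVER_NAME] => //p' | head -n 1 | tr -d '\r')
    if [ -z "$name" ]; then
        echo no-data
    elif [ "$name" = "$marker" ]; then
        echo vulnerable
    else
        echo not-reflected
    fi
}

# Constructed sample bodies (not captured from a real server).
sample_reflected() {
    printf 'Array\n(\n    [HTTP_HOST] => vulnerable\n    [SERVER_NAME] => vulnerable\n)\n'
}
sample_canonical() {
    printf 'Array\n(\n    [HTTP_HOST] => vulnerable\n    [SERVER_NAME] => www.example.com\n)\n'
}
sample_missing() {
    printf '<html><body><h1>404 Not Found</h1></body></html>\n'
}

# Live use against your own site, assuming vars.php from the gist is in place:
#   probe http://example.com/wp-content/vars.php vulnerable
probe() {
    curl -s -H "Host: $2" "$1" | classify_dump "$2"
}
```

A `no-data` result means the check did not reach vars.php and should be repeated, not read as "fine".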