.. | |||
README.md | Loading last commit info... | ||
exploit.py |
README.md
WordPress Plugin Cforms 14.7 - Remote Code Execution
prok3z@prok3z ~/Á/p/W/CVE-2014-9473 [2]> python2 exploit.py -h
Cforms II File Upload + Remote Code Execution
Usage: exploit.py [options]
Options:
-h, --help show this help message and exit
-f FILE, --file=FILE file to upload
-i ITERATIONS, --max-iterations=ITERATIONS
Numbe of fields to iterate
-b BRUTE, --upload-file-name-bruteforce=BRUTE
Uploaded file name brute force
-n NUMBER, --cforms-form-number=NUMBER
Cforms form number
-c HOME, --cforms-home-dir=HOME
Cforms form home dir
-u URL, --url=URL vulnerable url with contact form, example:
http://127.0.0.1/Contact/