WordPress.org

Support

Support » Plugins and Hacks » Hacks » SyRiAn Latest exploit

SyRiAn Latest exploit

  • #  ____ _ _    __ _ _ _ _  _      __      _ _    _             
    
    # /_ _ _|\ \  / /| |____ \| |    /  \    | |\ \  ||             
    
    # (_ _    \ \/ / | |____||| |   / /\ \   | | \ \ ||                      
    
    # \_ _ \   \  |  | |____/ | |  / /--\ \  | |  \ \||              
    
    # __ _) |  |  |  | |  \ \ | | / /----\ \ | |   \ \|          
    
    #|_ _ _/   |__|  |_|   \_\|_|/_/      \_\|_|    \_|    
    
    #  _ _ _ _          _ _
    
    # /_ _ _| |        | | |   [ ~~Syrian Sh3ll~~ ] is a php evil script , please use it against ISRAEL Only .  
    
    # (___  | |__   ___| | |   Coded By :  EH << SyRiAn | 34G13  <~> sy34[at]msn[dot]com
    
    # \___ \|  _ \ / _ \ | |   Note : I'm Proud to be ~~SyRiAn~~
    
    # __ _)|| | | || __/ | |   Copyright (C) 2010 - ~~ syrian-shell.com ~~
    
    #|_ _ _/|_| |_|\___|_|_|   Thanx : [ Allah ] [ HaniWT ] [ SyRiAn_SnIpEr ] [ SyRiAn_SpIdEr ] [ TNT Hacker ] .
    
    #
    
    ## leak3d by ~> chippy1337.. k0mpl1m3nts [ TFL ], [ XiX ], [ LuSiD ], [ hysterix ]

    Not sure if safe to post this image file this is the header of the php file uploaded as an image.

    My server stopped the script while it was running.

    I’m using the latest wordpress using News Magazine Theme 640

    user uploaded an image file as php code and started the script

    My question is how did wordpress load a php file as an image maybe does it mean the solution is to approve all images first by admin.

Viewing 1 replies (of 1 total)
  • How did they start the script? I can shell myself using this exploit in the root folder obviously as a exploit.php file (nice options too) but this wont work uploaded as a renamed file. It might upload as one, but I couldn’t get it to function from there, probably as intended 🙂

Viewing 1 replies (of 1 total)
  • The topic ‘SyRiAn Latest exploit’ is closed to new replies.