m.rce

Hacker newbie aid on WP and pdf

2 posts in this topic

Hi all!

First of all, I'd like to know from some competent guy if my hacking platform is OK: I'm using JAP. Is JAP good enough? How'd you rate JAP for... privacy?

Next, my questions: I am trying to use the WordPress 3.0.1 hack at http://www.exploit-db.com/exploits/15684/ (should be http://www.cvedetails.com/cve/CVE-2010-4257/). While fuzzing the page I am interested in, I did notice I got some 'blind' SQL injections possible over the comments field (I got a 500 internal error, which should happen only IFF the field value breaks the query in the script, no??).

Now, I do not understand how to use http://www.exploit-db.com/exploits/15684/: it says "Exploitation. The logged in user must have publish_posts and edit_published_posts capabilities (this corresponds to the Author role)". What's the point of exploiting something if I have the Author role - I mean, if I am the blog's Author, wtf. *OR* it means that I leave a comment AND when the blog's author VIEWS it the exploit triggers? Is anybody capable of explaining to me how to use it??

Next part: malicious PDF/SWF with Metasploit. I examined the module creator, and I have a question: is it possible to 'edit' the generated PDF in order to add content of some kind? As it comes out, the created PDF/SWF is rather... empty. I have examined the possibility of manually creating a PDF and embedding it outside of Metasploit, but I do not know the exploit string well or how to generate it, so I've learned how to create a PDF (manually, not with a printer filter) but... I don't know the exploit string to embed.

Thanks in advance.

Edited by m.rce

I believe it's possible to target an existing PDF with MSF's PDF exec exploit for Windows.
