Forum Thread: Exploit Revslider Wordpress Vulnerability

Hi,

Revslider is a huge Wordpress Plugin/Add-on, this making it big eye candy for a lot of hackers. The plugin use to be fairly famous and still is. There are still thousands of websites running the add-on which are vulnerable to a deface. This revslider 0day is pretty much like WebDAV, but this one only targets Wordpress websites. This exploit does not target the index.php directory, but you can change the HTML towards PHP and you can install a shell onto the web-server, or install malware on the target host. Revslider is called: "Slider Revolution" and it is the highly acclaimed Slide-Based displaying solution, thousands of businesses, theme developers and everyday

people use and love!" as said on there website: http://revolution.themepunch.com/

This is the script for the RevSlider 0DAY Exploit: http://pastebin.com/R6Eau2ps

Too change the deface rights, check line 40, and change it towards whatever hacktivism name you use.

Regards,

R00T

7 Responses

Well, you stole this.

You aren't forever alone, I'm here with you, bro. And, I honestly don't care. Aslong as it exploits something...

Misleading title like C|H said.

" I honestly don't care" Name it I found this on pastebin and maybe you guys want to look at it.

Found it on GitHub. Looks like he just removed the credits at top and copyright note at the bottom and changed the deface.

Does anybody know where to find more information on this exploit?

Ok. Ill re-edit this exploit and add more info on it, too.

Really? You plagiarized this too. Original post can be found here. Please give credit to the owners.

Share Your Thoughts

  • Hot
  • Active