wpthumb – WordPress TimThumb Exploit

WPthumb is a tool for speeding up the exploitation of flaws in the timthumb.php script used by WordPress CMS themes and plugins. The application checks dozens of common locations where the thumb script may be located; after finding it, it tries to exploit it, and then simply shows you the address of your CMD online and the generated hash used as the file name. You must use another application to generate your cmd file, which will be hosted online, and to get its hash; a good tool for this is timthumbcraft, available for download below. Note that for the exploit to work properly, you need to host the cmd on domains that start with 'flickr.com', 'picasa.com', 'blogger.com', 'wordpress.com' or 'img.youtube.com'; that is the only way it will work perfectly! The version of timthumb must also be vulnerable; if I am not mistaken, those are versions <= 1.30.
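The requirement that the host only "start with" an allowed name is the validation error a defender should look for in any remote-fetch allowlist. The following is an added example, not code from TimThumb or WPthumb: `weak_host_check` is a hypothetical model of the prefix match described above, `strict_host_check` is one way to harden it, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Allowed hosts exactly as listed in the paragraph above.
ALLOWED_HOSTS = ("flickr.com", "picasa.com", "blogger.com",
                 "wordpress.com", "img.youtube.com")


def _host(url):
    """Lower-cased hostname of url, or '' if the URL cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        return ""


def weak_host_check(url):
    """Hypothetical model of the flaw: any host that merely starts with an
    allowed name is accepted."""
    return any(_host(url).startswith(a) for a in ALLOWED_HOSTS)


def strict_host_check(url):
    """Hardened check: http(s) only, no userinfo, and the parsed host must be
    an allowed name or a true subdomain of one."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        return False
    host = _host(url)
    return bool(host) and any(
        host == a or host.endswith("." + a) for a in ALLOWED_HOSTS)


def lookalikes(urls):
    """URLs the weak check accepts but the strict check rejects."""
    return [u for u in urls if weak_host_check(u) and not strict_host_check(u)]


# Constructed sample inputs for illustration only.
SAMPLE_URLS = [
    "http://farm1.static.flickr.com/1/photo.jpg",   # genuine subdomain
    "http://img.youtube.com/vi/abc/0.jpg",          # exact allowed host
    "http://flickr.com.attacker.example/x.php",     # lookalike prefix
    "http://blogger.com.attacker.example/x.php",    # lookalike prefix
    "http://notflickr.com/a.jpg",                   # unrelated domain
]

if __name__ == "__main__":
    for url in lookalikes(SAMPLE_URLS):
        print("weak check would accept:", url)
```

A strict host match only narrows where content may come from; fetched files should still be verified as images and never stored under an executable extension.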

Scan Result Link: http://my-avscan.com/result.php?scan=NDQzNDk4

Scan Date: 2012-04-27
Scan Occured: 1 minute ago
File Name: WPthumb.exe
File Size: 1059328 bytes
MD5 Hash: f42866586f1cc49716e905938701f6a5
SHA1 Hash: 451340f9fc01d334110fb20356320d45993220b2
Status: Clean
Total Result: 0/37

Download Version :
wpthumb-by-Gothie.zip (405.1 kB)
timthumbcraft.rar (184.3 kB)
Find other versions and read more here: http://sourceforge.net/projects/wpthumb/