Wednesday, January 7, 2015

Find vulnerable timthumb scripts across the server

find . -name "*thumb.php" -exec grep -H -n 'WEBSHOT_ENABLED' {} \;

or

find / -name '*.php' -exec grep -H -n 'WEBSHOT_ENABLED' {} \;


To secure it, set this in the script:

define ('WEBSHOT_ENABLED', false);
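The greps above list every file that mentions the constant, including copies where it is already set to false. The script below is an added example, not part of the original post: it reports only the files that define WEBSHOT_ENABLED as true and skips commented-out lines. The function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report PHP files that define WEBSHOT_ENABLED as true.

# Matches define('WEBSHOT_ENABLED', true) with any spacing or quote style.
WEBSHOT_TRUE_RE="define[[:space:]]*\\([[:space:]]*['\"]WEBSHOT_ENABLED['\"][[:space:]]*,[[:space:]]*(true|1)[[:space:]]*\\)"

# Print file:line:text for every enabled definition under directory $1.
# -i because PHP accepts true/TRUE; the second grep drops lines that are
# commented out (//, #, or inside a /* ... */ block).
webshot_enabled_hits() {
    find "$1" -type f -name '*.php' \
        -exec grep -H -n -i -E "$WEBSHOT_TRUE_RE" {} + 2>/dev/null |
        grep -v -E '^[^:]*:[0-9]+:[[:space:]]*(//|#|/?\*)' |
        sort
}

# Constructed sample tree: enabled, disabled, commented out, enabled in config.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/a" "$d/b" "$d/c" "$d/d"
    printf '%s\n' "<?php" \
        "if(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', true);" \
        > "$d/a/timthumb.php"
    printf '%s\n' "<?php" \
        "if(! defined('WEBSHOT_ENABLED') ) define ('WEBSHOT_ENABLED', false);" \
        > "$d/b/thumb.php"
    printf '%s\n' "<?php" \
        "// define('WEBSHOT_ENABLED', true);" \
        > "$d/c/timthumb-config.php"
    printf '%s\n' "<?php" \
        'define( "WEBSHOT_ENABLED" , TRUE );' \
        > "$d/d/timthumb-config.php"
    echo "$d"
}

# Scan the directory given as $1, or the constructed sample when none is given.
if [ -n "${1:-}" ]; then
    webshot_enabled_hits "$1"
else
    tree=$(make_sample_tree)
    webshot_enabled_hits "$tree"
    rm -rf "$tree"
fi
```

Any file it prints still needs the define changed to false as shown above.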
