microUpload suffers from a remote shell upload vulnerability.
ebf172ea5c6483c6769e02ae1f553a889b95ec446f1e2fc4f7366dff4e66d7a0
# Exploit Title: microUpload Upload Shell Vulnerability
# Date: 2010-02-15
# Author: Phenom
# Software Link: http://www.phptoys.com/request.php?10
# Version:
# Tested on: Windows xp sp3
# CVE :
# Code :
------------------------------------------------------
------------------------------------------------------
_____ _
| __ \| |
| |__) | |__ ___ _ __ ___ _ __ ___
| ___/| '_ \ / _ \ '_ \ / _/\| '_ ` _ \
| | | | | | __/ | | | (_) | | | | | |
|_| |_| |_|\___|_| |_|\/__/|_| |_| |_|
------------------------------------------------------
------------------------------------------------------
####### microUpload Upload Shell Vulnerability #####################
#
# Author : Phenom
#
# mail : sys.phenom.sys@gmail.com
#
# app vendor : www.phptoys.com
#
#################################################################################
####### Exploit #################################################################
#
# 1- http://site.com/path/microUpload.php
#
# upload your shell
#
# 2- http://site.com/path/yourshell.php
#
# get your shell
#
#################################################################################