# Exploit Title: File Upload Form File Arbitrary Upload
# Date: 05/02/2012
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: File Upload Form
# http://www.zubrag.com/scripts/file-upload-form.php
# Tested on: Linux

  
[Comment]
Greetz: Hernan Jais, Alfonso Cuevas, SPEED, Sensei, Incid3nt,
Maximiliano Soler
    Sunplace, Pablin77,_tty0, Login-Root,Knet,Kikito,Duraznit0,
InyeXion
    her0, r0dr1 y LinuxFer, Scorp, Nettoxic, Apokalypsis y demas
user de RemoteExecution 
    www.remoteexecution.info www.remoteexcution.com.ar 
    #RemoteExecution Hacking Group

[File Arbitrary Upload]

you can upload any type of file with any extension and will be
renamed by up '. rand (md5 ()).'. php

example: up5f923ffca9e6c8674c04cbf66db3f110.php

to see uploads contact

http://path-upload/tmp/

-------------------------
Correo enviado por medio de MailMonstruo - www.mailmonstruo.com