A remote code execution vulnerability used to compromise Yahoo, Microsoft and Orange - Vulnerability Alert - Black Bar Safety Net

2014-05-21T00:00:00
ID MYHACK58:62201447339
Type myhack58
Reporter Anonymous
Modified 2014-05-21T00:00:00

Description

Preface:

An Egyptian hacker used a file upload flaw to compromise the websites of several large vendors. The guy also writes in a funny way, to comic effect. The English version can be found here.

Main text:

Hello guys, today I will show you an “Unauthorized Admin Access” that led to “Remote Code Injection”. I used this hole to get into Yahoo, Microsoft and Orange websites.

Incredible, isn't it? Now witness the miracle. One day I was poking around yahoo's pages, looking for an admin backend, when I found this page (where ymx refers to my own account): http://mx.horoscopo.yahoo.net/ymx/editor/

It let me in without any authentication. I thought, this is what they call “Unauthorized Admin Access AKA Indirect Object Reference”, heh.

See the file list on the left? I can create a similar aspx file too. First, intercept the POST request that submits the data.

Look at the POST body: FileName=zigoo.aspx&FileContent=zigoo. That line should make it clear: the content can be replaced with anything I like. (Mind-blowing, isn't it!)

Then I wrote something arbitrary into it; that alone is enough to prove the vulnerability exists.
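The server-side check that would have stopped this, as an added example written for this page (not code from the original post or from the Yahoo editor): it parses the captured FileName=...&FileContent=... body, requires an authenticated session, and refuses any name that IIS/ASP.NET would execute, applying the trailing-dot and trailing-space normalization Windows performs before the extension is compared. The allowlist, the size limit and the reason strings are assumptions.

```python
import re
from urllib.parse import parse_qs

# File types IIS/ASP.NET hands to a script engine. Letting a user create any of
# these from the request body is the remote code execution the post describes.
EXECUTABLE_EXTENSIONS = {
    ".aspx", ".asax", ".ascx", ".ashx", ".asmx", ".asp", ".cshtml", ".vbhtml",
    ".config", ".svc", ".xamlx", ".soap", ".rem", ".dll", ".exe",
}
# Assumed allowlist for a content editor (constructed for this example).
ALLOWED_EXTENSIONS = {".txt", ".html", ".htm", ".css", ".json"}
FILENAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}(\.[A-Za-z0-9]{1,8})+$")


class UploadRejected(Exception):
    pass


def windows_normalize(name: str) -> str:
    """Mirror what NTFS does before a file is written: trailing dots and spaces
    are dropped, so 'zigoo.aspx.' is stored as 'zigoo.aspx'."""
    return name.replace("\\", "/").rstrip(". ")


def validate_upload(filename: str, content: str, authenticated: bool) -> str:
    """Return the safe file name, or raise UploadRejected with the reason."""
    if not authenticated:
        raise UploadRejected("editor requires an authenticated session")
    name = windows_normalize(filename)
    if "\x00" in name or "/" in name or name in ("", ".", ".."):
        raise UploadRejected("path separators and traversal are not allowed")
    if not FILENAME_RE.fullmatch(name):
        raise UploadRejected("file name must be name.ext using plain characters")
    # Check every extension, not only the last: 'x.aspx.txt' still carries .aspx.
    parts = name.lower().split(".")
    if any("." + p in EXECUTABLE_EXTENSIONS for p in parts[1:]):
        raise UploadRejected("server-executable extension")
    if "." + parts[-1] not in ALLOWED_EXTENSIONS:
        raise UploadRejected("extension not in allowlist")
    if len(content.encode("utf-8")) > 65536:  # assumed 64 KiB editor limit
        raise UploadRejected("content too large")
    return name


def handle_editor_post(body: str, authenticated: bool) -> tuple:
    """Parse a form body like the captured 'FileName=...&FileContent=...' and
    report (accepted, file_name_or_reason) without writing anything to disk."""
    form = parse_qs(body, keep_blank_values=True)
    filename = form.get("FileName", [""])[0]
    content = form.get("FileContent", [""])[0]
    try:
        return True, validate_upload(filename, content, authenticated)
    except UploadRejected as why:
        return False, str(why)
```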

Now let's see which subdomains have this vulnerability:

Yahoo:

http://pe.horoscopo.yahoo.net

http://mx.horoscopo.yahoo.net

http://ar.horoscopo.yahoo.net

http://co.horoscopo.yahoo.net

http://cl.horoscopo.yahoo.net

http://espanol.horoscopo.yahoo.net