Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMr.tro0oqyPACKETSTORM:79710
HistoryJul 28, 2009 - 12:00 a.m.

In-Portal 4.3.1 Shell Upload

2009-07-2800:00:00
Mr.tro0oqy
packetstormsecurity.com
11
JSON
`=======================================================  
+++++++++++++++++++ information +++++++++++++++++++++++  
=======================================================  
[+] Script :In-Portal v 4.3.1 Shell Upload Vulnerability  
  
[+] D0rk : Powered by In-portal ® 1997-2009,  
  
[+] Script site : www.in-portal.net  
  
[+] Found by : Mr.tro0oqy   
  
[+] C0ntact : [email protected] <Yemeni ana>  
=======================================================  
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++  
=======================================================  
exploit:  
-------  
step1: register in site   
  
http://www.xxx.com/path/platform/login/register.html  
  
step2: go to your profile   
  
http://www.xxx.com/path/platform/my_account/my_profile.html  
  
step3: upload shell.php  
  
step4: get shell  
  
http://www.xxx.com/path/kernel/images/shell.php  
  
  
Demo:  
-----  
http://www.in-portal.net/demo  
-----  
  
  
  
  
Yemeni ana ;)  
  
`
JSON