getaphpsite Real Estate Remote File Upload Vulnerability

2008-11-22T00:00:00
ID 1337DAY-ID-4225
Type zdt
Reporter ZoRLu
Modified 2008-11-22T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ========================================================
getaphpsite Real Estate Remote File Upload Vulnerability
========================================================



[~] geta php Real Estate Remote File upload
[~]
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu  
[~]
[~] Date: 22.11.2008
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] -----------------------------------------------------------

first register to site 

login to site and edit your profile

upload your_shell.php 

your_shell.php path:

localhost/script/re_images/[ID]_logo_your_shell.php

example for demo:

login: http://www.getaphpsite.com/demos/realty/login.php

user: zorlu

passwd: zorlu1

shell:

http://www.getaphpsite.com/demos/realty/re_images/1227371905_logo_c.php

[~]----------------------------------------------------------------------



#  0day.today [2018-04-11]  #