Blog Nanda: Mini File Host v1.5 Remote File Upload Vulnerability

Mini File Host v1.5 Remote File Upload Vulnerability
=====================================================================

 
=========
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|
 
 
=====================================================================
 
=========
        [»] ~ Note : This vulnerability allows you to upload if the "storage" file isn't protected with a htaccess file or
 
anything else
=====================================================================
 
=========
        [»] Mini File Host v1.5 Remote File Upload Vulnerability
=====================================================================
 
=========
 
    [»] Script:             [ Mini File Host ]
    [»] Language:           [ PHP ]
    [»] Site page:          [ Mini File Host v1.5 ]
    [»] Download:           [ http://www.hotscripts.com/listing/mini-file-host/ ]
    [»] Founder:            [ Mr.Z <tzar.evil@yahoo.com> ]
    [»] Greetz to:          [ all muslims , ViRuSMaN  ]
 
###########################################################################
 
===[ Exploit ]===
 
  Click on "Browse" and select your php shell
  Click Upload
  After it finishs , you will see this meassage (
 
  Your file was uploaded!
 
  Your download link
 
  http://server/script/download.php?file=328shell.php
 
  )
 
  Copy the new Name of the shell "328shell.php"
 
  Now Go to this Url
 
  http://server/script/storage/328shell.php
 
  if "Storage" wasn't protected your shell will open
 
 
Author: Mr.Z <-
 
###########################################################################







Jumat, 25 November 2011
 // 
Label:
Web Hacking
 // 
0
komentar
 // 

Do you like this article? Share It!