facebook facebook twitter rss

ClipBucket 2.X.X File Upload Vulnerability

Author: TUNISIAN CYBER , Published: 16-12-2013
[+] Author: TUNISIAN CYBER
[+] Exploit Title: ClipBucket 2.X.X File Upload Vulnerability
[+] Date: 16-12-2013
[+] Category: WebApp
[+] Vendor: http://clip-bucket.com/
[+] Google Dork: intext:"Forged by ClipBucket"
[+] Tested on: Win7
[+] Friend's blog: http://na3il.wordpress.com/

########################################################################################
1/Signup: 127.0.0.1/[PATH]/signup.php
2/Activate your account.
3/Go to: 127.0.0.1/[PATH]/photo_upload.php
4/Upload your shell: c99.jpg
5/Shell Path: 127.0.0.1/files/photos/[encrypted file name].jpg
or go 127.0.0.1/[PATH]/view_channel.php?user=[USERNAME] and click on your uploaded image

Demo:
http://bigloutube.com : http://bigloutube.com/files/photos/13872023345bae06_m.jpg
http://www.krebsvideo.com/
http://sonocloud.org/user/
http://realitywebvideo.com/
########################################################################################
Greets to: XMaX-tn, N43il HacK3r, XtechSEt,sec4ever

Like us on Facebook :