| Filename | FileChucker-Uploader v4.x File Upload Vulnerability |
| Permission | rw-r--r-- |
| Author | amiqmuzad |
| Date and Time | 3/16/2012 |
| Label | ./FileUp |
| Action |
[~] FileChucker-Uploader v4.x File Upload Vulnerability
[~] Author : MoEZad (IndonesianCoder Team | MagelangCyber Team)
[~] Homepage : http://facebook.com/groups/pastelcybercrew
[~] Date : 16 Mar , 2012
[ Software Information ]
[+] Vulnerability : File Upload
[+] Dork : allintext:"File Upload by Encodable"
[+] LOCATION : INDONESIA -
[ Vulnerable File ]
[+] http://127.0.0.1/[MoEZad]/uploaddemo/
[+] http://127.0.0.1/[MoEZad]/upload/
[+] http://127.0.0.1/[MoEZad]/upload/filechucker.cgi
[+] http://127.0.0.1/[MoEZad]/cgi-bin/filechucker.plx
[+] http://127.0.0.1/[MoEZad]/file-upload
[ POC ]
[+] http://tradeshowdirect.com/uploader/files/pc-crew.htm
[+] http://presstimecolor.com/upload/files/pc-crew.htm
[+] http://encodable.com/uploaddemo/files/pc-crew.htm
[ Thx TO ]
[+] MAGELANG CYBER TEAM
[+] INDONESIAN CODER TEAM
[+] KILL-9 CREW
[-] PASTEL CYBER CREW
[*] Symin, DHIAKA_27, Judy_Geeks ~ etc etc
[ NOTE ]
[+] just testing security... ;)
0 komentar:
Posting Komentar