Exploit Dokeos 1.8.4 - Arbitrary File Upload

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
4753
Проверка EDB
  1. Пройдено
Автор
ROMANCYXHACKER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2007-6479
Дата публикации
2007-12-18
Код:
# Name : dokeos-1.8.4  Bypass Upload Shell From Your Profile (Your Cpanel)
# Download From : http://www.dokeos.com/download/dokeos-1.8.4.zip
# Found By : RoMaNcYxHaCkEr
# Home Page : Not Yet :(
# Google Dork : Platform Dokeos 1.8.4 © 2007
============================================================================
# Explantion By Video:
http://www.mediafire.com/?92em2pjx0s1
# Explantion Exploit :
First You Must Register In Script Ok :
http://localhost/dokeos/main/auth/inscription.php
And Enter By Username And Your Password The Enter Here Your Profile You Can See That Above :
http://localhost/dokeos/main/auth/profile.php
Then You See Choice My productions And See Browser Rename Your Shell To Shell.php.rar Then Choose Ok In Final
Then Enter Here And See Your Profiles And If You Online Or Not
http://localhost/dokeos/whoisonline.php
And Search Your Username And Enter Your Profile
Then You See All Information Which You Added !! Like That:
Productions
sniper.php.rar
See That Enter Your Name Shell And See Link Your Shell Like Me Here
http://localhost/dokeos/main/upload/users/4/sniper.php.rar
That,s All :)
Good Luck Everybody
============================================================================
# Greet To :
Cold Z3ro My Master (Hackteach.org)
Hack15 TeaM (V99x.com)
Sniper-Sa (Sniper-sa.com)
Tryag TeaM (Tryag.com)
Yee7 TeaM (Yee7.com)
H-T TeaM (no-hack.fr)
Str0ck
My5ql Team
Also: Saudi Kafo , Adel Alroh , Mr-Google , Kill eye And All My Friends
# For Contact : [email protected]
Best Wishes

# milw0rm.com [2007-12-18]
 
Источник
www.exploit-db.com

Похожие темы