|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |-------------------------------------------------------------------------| | [+] Exploit Title:Guestbook Remote Shell Upload Vulnerability | [+] Google Dork:site:.com.tw inurl:"addentry.php" | [+] Google Dork2:"Advanced Guestbook 2.4.3" | [+] Exploit Author: Ashiyane Digital Security Team | [+] Tested on: Windows,Linux | [+] AVN : ASH-2013-140 |-------------------------------------------------------------------------| |-------------------------------------------------------------------------| | [+]Vendor Home :http://www.proxy2.de/ |-------------------------------------------------------------------------| | [+] Exploit: | [+] http://localhost/[path]/gbaddentry.php |-------------------------------------------------------------------------| | [+] Demo site: | [+] http://www.ladorishti.com/guestbook/addentry.php |-------------------------------------------------------------------------| | [+] Proof: | [+] 1-Go to http://localhost.com.tw/guestbook/addentry.php | [+]2-Fill in the blanks | [+]3-Click To Browse And Select File(.jpg) | [+]4-Clict to ok for upload | [+]5-Go to http://local.com/guestbook/index.php | [+]6-Click on The picture and right click for read image ingo and copy | [+]7-uploaded files url:http://www.localhost.com.tw/guestbook/public/name |-------------------------------------------------------------------------| | [+] Discovered By :hossein19123 & Ba3bak | | [+]Greetz to: My Lord Allah | [+]Sp Tnx To:PrinceofHacking , C4T , V1R4N64R , MR.SAMAN, Tr0janman | [+]Ashiyane Security [ Researcher Team AND Deface Team ] |-------------------------------------------------------------------------| | [+]Home:Ashiyane.Org | |-------------------------------------------------------------------------| |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|