Drupal comment-form Upload Dangerous File

Published: 2017.05.16
Credit: Family Attack Cyber
Risk: Medium
CWE: N/A
CVE: N/A
Local: No
Remote: Yes
Dork: inurl:"/register?destination=node/" intext:"Allowed file types: png gif jpg"

# Exploit Title : Deface Drupal File With Tamper
# Exploit Author : GU3LT03M
# DORK : inurl:"/register?destination=node/" intext:"Allowed file types: png gif jpg"
#
# [+] File Location : https://127.0.0.1/sites/default/files/[path]/file name
#
# Tutorial See here http://ryangueltoem.blogspot.co.id/2017/05/deface-drupal-file-with-tamper.html
#################################################################################
#
# [+] Demo :
#http://www.unitech.ac.pg/user/register?destination=node/717%23comment-form
#http://alumni.pec.ac.in/user/register?destination=node/77
#http://anh-academy.org/member/register?destination=node/576%23comment-form
#
#
# [+] File Location
#
# http://www.unitech.ac.pg/sites/default/files/filefield_paths/nitip.php.txt
#
#################################################################################
#
# Step By Step :
#
# 1. Search with the dork inurl:"/register?destination=node/" intext:"Allowed file types: png gif jpg"
# 2. Select one of the websites
# 3. Open Tamper Data
# 4. Upload a file named .php.jpg
# 5. In Tamper Data, change the extension to .php
# 6. Right-click the file and open it in a new tab
#
#################################################################################
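The weakness the steps above rely on is an upload check that trusts the client (the extension is allowed when the form is rendered, but the filename actually sent in the multipart request is not re-checked, or the server accepts any extension behind a permitted one). The file location listed above ends in .php.txt, which is what Drupal's default filename munging produces for an extension that is not on the allowlist. The validator below is an added defensive example, not code from the advisory or from Drupal; the extension allowlist and magic numbers are constructed for the example and would be adapted to the site's "Allowed file types" setting.

```python
import os
import re

# Allowlist: permitted extension -> accepted leading bytes (magic numbers).
# Constructed for this example to match "Allowed file types: png gif jpg".
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
}

# Characters allowed in the stored file stem; everything else becomes "_".
SAFE_STEM = re.compile(r"[^a-z0-9_-]")


def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, stored_name) or (rejected, reason).

    `filename` must be the name the server actually receives in the request,
    after any client-side tampering (step 5 above), never a value remembered
    from the form rendering or from an earlier request.
    """
    # Strip any directory component so "../" in the name cannot escape the upload dir.
    base = os.path.basename(filename.replace("\\", "/")).lower()
    parts = base.split(".")
    # Exactly one extension: "shell.php.jpg" and "shell.php" are both refused,
    # so no rename of the last component can expose a script extension.
    if len(parts) != 2 or not parts[0] or not parts[1]:
        return False, "filename must be name.ext with a single extension"
    stem, ext = parts
    if ext not in MAGIC:
        return False, f"extension .{ext} is not in the allowlist"
    # The header bytes must agree with the extension, so PHP source saved
    # under an image name is refused regardless of what the client calls it.
    if not any(data.startswith(magic) for magic in MAGIC[ext]):
        return False, f"content does not look like a .{ext} file"
    stored = SAFE_STEM.sub("_", stem)[:64] + "." + ext
    return True, stored
```

Serving the upload directory with script execution disabled (as Drupal's shipped .htaccess does for sites/default/files) is the second layer; the validator alone should never be the only control.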

References:

http://ryangueltoem.blogspot.co.id




Copyright 2017, cxsecurity.com