Job Script 2.0 Arbitrary Shell Upload Vulnerability
Source: vfocus.net  Author: vfocus  Published: 2009-05-22
  ___ ___         __                        
 /   |   \_____  |  | _____  ___ ___________
/    ~    \__  \ |  |/ /\  \/  // __ \_  __ \
\    Y    // __ \|    <  >    <\  ___/|  | \/
 \___|_  /(____  /__|_ \/__/\_ \\___  >__|  
       \/      \/     \/      \/    \/   :: Egy Coders Team Researcher
/- Job Board => Arbitrary File Upload Vulnerability
/- demo : http://www.jobscriptdemo.com
/- Greetz : ExH , ProViDoR , Bright D@rk , Error Code , all team
/- Proud To Be Egyptian .....
/- http://hakxer.blogspot.com/

* Hi everybody
* with this vulnerability you can upload any file you want (.php, etc.)
* the script is Job Board from the Job Script company; we can upload a shell into
* the board. OK, now look at the steps

       * first go to http://host/path/register.php
       * and now sign in to the board
       * go to the add CV page here: http://host/path/mycv.php
       * then go and upload the shell file
       * click Upload CV
       * now go to - Click Here to view your CV -
              * like this http://host/path/accesscv.php?id=[randid]
       * shell uploaded successfully
      
* you can test this vulnerability with the demo user
   * email : demo
   * pass : demo
  
*** notes :
          ** use it at your own risk

./be safe

# [2009-05-21]
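
A defender's view of the flaw described above, as an added example that is not part of the original advisory or Job Script's own code: a CV upload check in PHP that allowlists a single extension, matches the file's leading bytes against that type, and replaces the client-supplied file name with a random one. The function names, the size limit and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added example (hypothetical names): allowlist validation for a CV upload form.

const CV_MAX_BYTES = 2 * 1024 * 1024;       // assumed size limit
const CV_MAGIC = [                          // allowed extension => leading file signature
    'pdf'  => "%PDF-",
    'doc'  => "\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1",
    'docx' => "PK\x03\x04",
];

// Returns a server-chosen storage name, or null when the upload must be rejected.
function cv_storage_name(string $clientName, string $leadingBytes): ?string
{
    $base = basename($clientName);
    // Exactly one dot: "shell.php" fails the allowlist, "shell.php.pdf" fails here.
    if (substr_count($base, '.') !== 1) return null;
    $ext = strtolower(pathinfo($base, PATHINFO_EXTENSION));
    if (!isset(CV_MAGIC[$ext])) return null;
    // The content must start with the signature of the claimed type.
    $magic = CV_MAGIC[$ext];
    if (strncmp($leadingBytes, $magic, strlen($magic)) !== 0) return null;
    // The client name is never used on disk.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Wrapper for one entry of $_FILES; $dir is a directory outside the web root.
function store_cv(array $file, string $dir): ?string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) return null;
    if ($file['size'] > CV_MAX_BYTES) return null;
    $head = (string) file_get_contents($file['tmp_name'], false, null, 0, 8);
    $name = cv_storage_name($file['name'], $head);
    if ($name === null || !move_uploaded_file($file['tmp_name'], "$dir/$name")) return null;
    return $name;
}

if (PHP_SAPI === 'cli') {
    // Constructed samples: file name as sent by the client, first bytes of the file.
    $samples = [
        ['resume.pdf',     "%PDF-1.4\n"],
        ['shell.php',      "<?php /* ... */"],
        ['resume.php.pdf', "%PDF-1.4\n"],
        ['resume.pdf',     "<?php /* ... */"],
    ];
    foreach ($samples as [$name, $bytes]) {
        $verdict = cv_storage_name($name, $bytes) === null ? 'rejected' : 'accepted';
        printf("%-16s %s\n", $name, $verdict);
    }
}
```

Accepted files belong in a directory outside the web root, and the script that serves them should send `Content-Disposition: attachment` so that an uploaded file is only ever downloaded, never handed to the PHP interpreter.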

 