29 lines
No EOL
788 B
Text
29 lines
No EOL
788 B
Text
=============================================================
|
|
SelectSurvey CMS (ASP.NET) Shell Upload Vulnerability
|
|
=============================================================
|
|
|
|
###################################################
|
|
#
|
|
# Exploit Title: SelectSurvey.NETv4 CMS (ASP.NET) Shell Upload Vulnerability
|
|
# DDate: 20/12/2012
|
|
# Author: 040
|
|
# Software Link: www.classapps.com
|
|
# Version: 3.x . 4.0
|
|
# Tested on: windows
|
|
# dork : "SelectSurvey.NETv4 site:uk"
|
|
# Contact: cyber040@hotmail.com ~ @04hazmi
|
|
#
|
|
####################################################
|
|
|
|
exploit # /survey/UploadImagePopup.aspx
|
|
|
|
or http://survey.site.com/UploadImagePopup.aspx
|
|
|
|
|
|
Upload to # http://site.com/UploadedImages/shell.asp
|
|
|
|
|
|
#######################################################
|
|
|
|
|
|
Greetz : Matlo3a-Dz |