21 lines
843 B
Text
Executable file
21 lines
843 B
Text
Executable file
=================================================================
|
|
=================Memberkit 1.0 Remote File Upload================
|
|
=================================================================
|
|
|
|
Vendor: http://www.memberkit.com/
|
|
Discovered: 12-30-08
|
|
Discovered By: Lo$er
|
|
|
|
====Exploit====
|
|
|
|
After registered and logged in, a user can upload any type of file in "My Picture Album" where a picture would usually be uploaded.
|
|
For example, if the file "shell.php" was uploaded to somesite.com, its location would likely be
|
|
|
|
http://somesite.com/uploads/pictures/pictures/[user]/[picture number]_shell.php
|
|
|
|
The location of the file can also easily be found by using your browser's "view image" function where the image would appear regularly.
|
|
|
|
===<3===
|
|
lots of lub to (irc.)r00tsecurity.org and all of #r00tsecurity
|
|
|
|
# milw0rm.com [2009-01-01]
|