Image Uploader" Shell Upload Vulnrability
"CMS admin Image Uploader" Shell Upload Vulnrability
Google dorks
inurl:"default_image.asp"
inurl:"default_imagen.asp"
Google dorks
inurl:"default_image.asp"
inurl:"default_imagen.asp"
inurl:"/box_image.htm"
You'll got a upload option after clicking on link that you got in google serach results
You'll got a upload option after clicking on link that you got in google serach results
Now select your deface, or shell and upload it =)
supported foramts : shell.asp;.jpg, shell.php;.jpg, .gif, .jpg, .png, .pdf, .zip .html .php
you can use Tamper data too...
Live demo :
https://www.thinkheartland.com/CMS/admin/default_Image.asp
https://www.thinkheartland.com/CMS/admin/images/backlinks.html
http://www.dautphetal.de/edit/default_asset.asp
Tags: Exploit, Shell, Vulnerability
Previous Article
Subscribe to:
Post Comments (Atom)
Share your views...
4 Respones to "Image Uploader" Shell Upload Vulnrability"
bhai image ko shell kaise banate hai..i mean,how to make an image a shell so that when we upload it,it will become a deface????
2 June 2012 at 10:45
SVM we cannot make a image a shell .. !!
we can make shell as a image format and try to upload and deface the websites :)
how to convert shell as a image format????
11 June 2012 at 23:48
you can convet it.. its very simple..
for example your shell is c99.php.
then change it to c99.php;gif :) :D
Post a Comment