Zubrag Smart File Download 1.3 - Arbitrary File Download

EDB-ID:

8567

CVE:


EDB Verified:

Author:

Aodrulez

Type:

webapps

Exploit:   /  

Platform:

PHP

Date:

2009-04-29

Vulnerable App: 
---------------------------------------------------
"File Download 1.3" Remote File Download Exploit.
---------------------------------------------------
By       :Aodrulez. 
Email    :f3arm3d3ar@gmail.com
Blog	   :aodrulez.blogspot.com.
---------------------------------------------------

Script Name:File Download 1.3
Vendor     :http://www.zubrag.com/scripts/ 

Description:

This particular php script,named as "download.php"
can be tricked into allowing a remote attacker to
download all kinds of files such as .php,.txt etc 
etc.This can be achieved by adding a null byte 
followed by an allowed extension..for eg:

http://www.site.com/download.php?f=/path/file.php%00.jpg

-----------------------------------------------------
Greetz Fly Out to:
1] Amforked()      : My Mentor.
2] The Blue Genius : My Boss.
3] www.OrchidSeven.com.

"If you think C++ is not overly complicated, just what is 
a protected abstract virtual base pure virtual private 
destructor, and when was the last time you needed one?"
-- Tom Cargil.

# milw0rm.com [2009-04-29]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services