Image Store Remote file Upload Vulnerability



EDB-ID: 13782 CVE: N/A OSVDB-ID: N/A
Author: Mr.FireStormm Published: 2010-06-08 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
============================================= ===================================
============================================= ======
                 Image Store Remote file Upload Vulnerability
============================================= ===================================
============================================= ======



############################################# ###################################
############################################# #######

# Name: Image Store V 1.0

# Date: 09-06-2010

# vendor: http://www.scriptidea.net/imagestore/

# Price: $199.00

# Discovered By: Mr.FireStormm

# Contact : Fire_stormm2003@hotmail.com

# MY Team : TeaM HacKer Egypt

# MY Web  : http://gaza-hacker.com/cc/
############################################# ###################################
############################################# ######


Hello every one 

STEP 1 :  upload shell.php

STEP 2 : useing live http headers and change (Content-Type) form Content-Type: application/octet-stream to

Content-Type: image/jpeg

ur shell uploded now http://www.site.com/imagestore/images/06-08-2010_shell.php

            Example 

http://www.scriptidea.net/imagestore/



Special Thanks To My Best FriendS : Dr.SiLnT HilL ,,,, Mr.Alsaeek 

############################################# ###################################
############################################# ######