.kilu.de Mobile Domain File Upload Vulnerability

I'm Z190T, member of Exploit-Id

===================================================

[x] Title : ".kilu.de Mobile Domain File Upload Vulnerability"
[x] Author : Z190T
[x] Contact : mahruz.id[at]gmail[dot]com
[x] Vendor : http://www.kilu.de/hosting
[x] Platform : PHP
[x] Category : WebApps
[x] dork :
* inurl:".kilu.de/foto/"
* inurl:"/foto/index.php" intitle:"Uploader"
[x] Tested on : anything OS,,,

**** Attachtement ****
- http://www.bego.kilu.de/foto/index.php
- Shell Example : shell.php.jpg, or,, anything support file

**** Preview ****
- Yuo can see URL "if success" '0r'
- http://www.bego.kilu.de/foto/file/[here]

**** Note ****
- This same trick with the Mini Host yesterday.

**** Video ***
- http://www.4shared.com/file/KsdkLfup/kilu.html

===================================================

[+] Thx TO [+]

[x] All member of EXPLOIT-ID.com, ungu.com, blackc0de.indonesianforum.net, thecybernuxbie.com etc...
[x] Temen yang saya Idolakan : haX0r.x0x, Surabaya Getar, kaMtiEz, eXeSoul,
[x] Caddy-Dz, KedAns-Dz, metasploit, KnocKout, Zerofiles Kalikode, etc...

===================================================

Subyek: cara pemakaiannya gimana nih om ?? Tue Jul 05, 2011 7:33 pm

Z190T wrote:: I'm Z190T, member of Exploit-Id

===================================================

[x] Title : ".kilu.de Mobile Domain File Upload Vulnerability"
[x] Author : Z190T
[x] Contact : mahruz.id[at]gmail[dot]com
[x] Vendor : http://www.kilu.de/hosting
[x] Platform : PHP
[x] Category : WebApps
[x] dork :
* inurl:".kilu.de/foto/"
* inurl:"/foto/index.php" intitle:"Uploader"
[x] Tested on : anything OS,,,

**** Attachtement ****
- http://www.bego.kilu.de/foto/index.php
- Shell Example : shell.php.jpg, or,, anything support file

**** Preview ****
- Yuo can see URL "if success" '0r'
- http://www.bego.kilu.de/foto/file/[here]

**** Note ****
- This same trick with the Mini Host yesterday.

**** Video ***
- http://www.4shared.com/file/KsdkLfup/kilu.html

===================================================

[+] Thx TO [+]

[x] All member of EXPLOIT-ID.com, ungu.com, blackc0de.indonesianforum.net, thecybernuxbie.com etc...
[x] Temen yang saya Idolakan : haX0r.x0x, Surabaya Getar, kaMtiEz, eXeSoul,
[x] Caddy-Dz, KedAns-Dz, metasploit, KnocKout, Zerofiles Kalikode, etc...

===================================================

ijin comot om exploitnya...

iloveindo

banyak yang ke grebek awkawkawkawk

liat ke TKP

berangkat tkp omz. . :becak:

:mbomb: :mbomb: :mbomb:

» Wordpress Plugin EasyComment Upload Vulnerability
» Uber Uploader <- File Upload Vulnerability
» w2box Uploader <- File Upload Vulnerability
» Joomla Component -> com_remository -> Arbitrary File Upload Vulnerability
» TinyMCE ajaxfilemanager Upload Vulnerability