Tuesday, 24 June 2014

PHP Remote - File Uploading Vulnerability

Dork:
inurl:”cadastro.php?TipodeConta=
Choose any sites... This form will be appeared :


Type as this form:
Nome de usuário: a
Senha: a
Repita a senha : a
Nome: a
Sobrenome: a
Telefone: 0987654321 
 E-mail: 123@gmail.com
Then press Enviar.

You will be redirected to login site then type as this form again:
Nome de usuário: a
 Senha: a

I'll take an example:
http://www.amiltonimoveis.com.br/index.php
When got .../index.php => .../perfil.php then you'll get this: 
http://www.amiltonimoveis.com.br/perfil.php
Fill in the form all "a"... Press "Upload" to upload your file... :D

You will go to this site:
http://www.marlenefestasrs.com/sobre_mim.php?id=71


Then you will see your index or your files :D

Have a nice day...

./ NEXUS