header-logo
Suggest Exploit
vendor:
dokeos
by:
RoMaNcYxHaCkEr
7.5
CVSS
HIGH
Bypass Upload Shell
CWE
Product Name: dokeos
Affected Version From: 1.8.2004
Affected Version To: 1.8.2004
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

dokeos-1.8.4 Bypass Upload Shell From Your Profile (Your Cpanel)

This exploit allows an attacker to bypass the upload shell functionality in dokeos-1.8.4 and upload a shell to the user's profile. By registering in the script and accessing the profile page, the attacker can upload a renamed shell file and access it through the profile page.

Mitigation:

Upgrade to a newer version of dokeos that includes a patch for this vulnerability.
Source

Exploit-DB raw data:

# Name : dokeos-1.8.4  Bypass Upload Shell From Your Profile (Your Cpanel)
# Download From : http://www.dokeos.com/download/dokeos-1.8.4.zip
# Found By : RoMaNcYxHaCkEr
# Home Page : Not Yet :(
# Google Dork : Platform Dokeos 1.8.4 © 2007
============================================================================
# Explantion By Video:
http://www.mediafire.com/?92em2pjx0s1
# Explantion Exploit :
First You Must Register In Script Ok :
http://localhost/dokeos/main/auth/inscription.php
And Enter By Username And Your Password The Enter Here Your Profile You Can See That Above :
http://localhost/dokeos/main/auth/profile.php
Then You See Choice My productions And See Browser Rename Your Shell To Shell.php.rar Then Choose Ok In Final
Then Enter Here And See Your Profiles And If You Online Or Not
http://localhost/dokeos/whoisonline.php
And Search Your Username And Enter Your Profile
Then You See All Information Which You Added !! Like That:
Productions
sniper.php.rar
See That Enter Your Name Shell And See Link Your Shell Like Me Here
http://localhost/dokeos/main/upload/users/4/sniper.php.rar
That,s All :)
Good Luck Everybody
============================================================================
# Greet To :
Cold Z3ro My Master (Hackteach.org)
Hack15 TeaM (V99x.com)
Sniper-Sa (Sniper-sa.com)
Tryag TeaM (Tryag.com)
Yee7 TeaM (Yee7.com)
H-T TeaM (no-hack.fr)
Str0ck
My5ql Team
Also: Saudi Kafo , Adel Alroh , Mr-Google , Kill eye And All My Friends
# For Contact : RxH@HotMail.iT
Best Wishes

# milw0rm.com [2007-12-18]

Navigation

Suggest Exploit

Services By CQR