The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
06/24/2013

PodHawk 1.85 - Arbitary File Upload Vulnerability

# Exploit Title   : PodHawk Arbitary File Upload Vulnerability
# Date            : 23 June 2013
# Exploit Author  : CWH Underground
# Site            : www.2600.in.th
# Vendor Homepage : http://podhawk.sourceforge.net
# Software Link   : http://jaist.dl.sourceforge.net/project/podhawk/podhawk/podhawk_1_85/podhawk_1_85.zip
# Version         : 1.85
# Tested on       : Window and Linux
  
  ,--^----------,--------,-----,-------^--,
  | |||||||||   `--------'     |          O .. CWH Underground Hacking Team ..
  `+---------------------------^----------|
    `\_,-------, _________________________|
      / XXXXXX /`|     /
     / XXXXXX /  `\   /
    / XXXXXX /\______(
   / XXXXXX /        
  / XXXXXX /
(________(          
  `------'
  
#####################################################
VULNERABILITY: Unrestricted File Upload
#####################################################
  
/podhawk/uploadify/uploadify.php (LINE: 33-44)

-----------------------------------------------------------------------------
if (!empty($_FILES))
{
    if ($_GET['upload_type'] == 'audio')
    {
        $writable = 'upload';
        $targetPath = UPLOAD_PATH;
    }
    else
    {
        $writable = 'images';
        $targetPath = IMAGES_PATH;
    }
-----------------------------------------------------------------------------  
  
#####################################################
DESCRIPTION
#####################################################
  
This application has an upload feature that allows an authenticated user
with Administrator roles or User roles to upload arbitrary files cause remote code execution by simply request it.

#####################################################
EXPLOIT POC
#####################################################
  
1. Log On User account (Author) account
2. Access http://target/podhawk/podhawk/index.php?page=record1
3. Upload a file to the upload folder via "Browse"
4. Upload PHP shell (shell.php) and upload it
5. For access shell, http://target/podhawk/upload/shell.php
6. Server Compromised !!
  
################################################################################################################
Greetz      : ZeQ3uL, JabAv0C, p3lo, Sh0ck, BAD $ectors, Snapter, Conan, Win7dos, Gdiupo, GnuKDE, JK, Retool2
################################################################################################################

Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015