"Custom Upload" Sql injection remote php shell upload vulnreblity

“Custom Upload” remote php shell upload vulnreblity

Google Dork : inurl:customupload.html

Poc : fileupload.html
Author : NoEntryPhc

SQL injection vulnreblity : 
Goto Google.com and Type this dork  : inurl:customupload.html now see results 
you’ll get something like this http://www.site.com/customupload.html?category=5
now simple putsign to check SQL injection vulnreblity
if any error like Warning: Mysql then its vulnreable to Sql injection, now get admin password with Manuall sql injection or use any tool like Havij, SQLMap

Remote Shell Upload vulnreblity
Goto Google.com and Type dork inurl:customupload.html and check Search results 
Goto site, n fill details like first name last name email ( dont’t fill real info here)
now in attachment upload your php shell 
To view your uploaded files Goto /fileuploads/ directory and check your file there
Live Demo :
http://www.choiceprintings.com/fileupload.html
http://www.copyplusus.com/fileupload.html
Result :
http://www.choiceprintings.com/fileuploads/hahashellphp%5e131.php

Read more: "Custom Upload" Sql injection remote php shell upload vulnreblity

Incoming search terms

Story added 24. October 2012, content source with full text you can find at link above.