Giters

hellfire1980 / CVE-2020-9380

https://medium.com/@anderson_pablo/iptv-smarters-exploit-cve-2020-9380-22d4b21f5da7

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

PoC IPTV Smarters Exploit

Usage

python gld.py -u http://www.pirate-ilegal-tv.com/ -i

Vulnerability

file includes/ajax-control.php:

<?php
/*
 * @ PHP 5.6
 * @ Decoder version : 1.0.0.1
 * @ Release on : 24.03.2018
 * @ Website    : http://EasyToYou.eu
 */

session_start();
if (file_exists("functions.php")) {
    include_once "functions.php";
    if (isset($_FILES["logoImage"])) {
        $target_dir = "../images/";
        $target_file = $target_dir . basename($_FILES["logoImage"]["name"]);
        if (move_uploaded_file($_FILES["logoImage"]["tmp_name"], $target_file)) {
            echo "images/" . $_FILES["logoImage"]["name"];
            exit;
        }
        echo "errorImage";
        exit;
    }

Screenshot

screenshot

Shell Script Interactive in Python.

About

https://medium.com/@anderson_pablo/iptv-smarters-exploit-cve-2020-9380-22d4b21f5da7

Languages

Language:Python 100.0%