phpFileManager 0.9.8 Remote Command Execution

phpFileManager 0.9.8 Remote Command Execution


phpFileManager is a complete filesystem management tool on a single file. Features: server info, directory tree, copy/move/delete/create/rename/edit/view/chmod files and folders, tar/zip/bzip/gzip, multiple uploads, shell/exec, works on linux/windows


  • server info
  • directory tree
  • copy/move/delete/create/rename/edit/view/chmod files and folders
  • tar/zip/bzip/gzip
  • multiple uploads
  • shell/exec
  • works on linux/windows


 PHPFileManager is vulnerable to remote command execution and will call operating system commands via GET requests from a victims browser. By getting the victim to click our malicious link or visit our malicious website.

Exploit code(s):

Remote Command Execution:

1- call Windows cmd.exe


2- Run Windows calc.exe



Source from :




PHP File Manager – Multiple Critical Security Vulnerabilities ( Including Backdoor! )


PHP File Manager – Multiple Critical Security Vulnerabilities ( Including Backdoor! )

According to Sijmen Ruwhof ( ) , a security consultant and penetration tester based in the Netherlands, some of the issues have been present in the software for the last five years. After three failed attempts to get in touch with Revived Wire Media, the Virginia-based company behind the product, Ruwhof opted on Monday to disclose the issues publicly – See more at:

Hit Login Button

“Password hashes stored in the user database are unsalted and are generated via the deprecated MD5 hash algorithm,” Ruwhof said. He explained that an attacker could revert the hashes to their original passwords using an online MD5 reversing service.

The file manager also has a weak password strength policy, a lack of variation in default passwords and measures that don’t force the user to change default passwords. Other flaws include an unsecured backdoor, the ability for users to upload arbitrary and unauthenticated files, and no configuration to restrict file extensions.

Source :

How to Get Free Credits for Skype - Skype to Mobile Free - TUT

Free Credits for Skype  - Skype to mobile Calls free

Step 1 : Create Microsoft Account  like hotmail , live outlook ( i have account )
Step 2 : login to
Step 3 : If you see the error "Bing Rewards isn't available yet in your country or region"
Step 4 : Use Hola proxy plugin for chrome and change the location to USA and reload the Bing
Step 5 : Start Search in Bing for 3 search 1 credit once you reach 100 you can remede 100 credits and use for Skype 
Step 6 : Credits will sent to your Email copy the skype code paste on 

Step 7 :
Step 8 : check your Skype Balance 


Step 9 : Feed back to  and    :P