========================================================= =============== JIKI TEAM [ Maroc And YameN ]=============== ========================================================= # Author : jiko # email : jalikom@hotmail.fr # Home : www.no-back.org & no-exploit.com # Script : 1Book Guestbook Script # Bug : remote code execution # Download : http://1scripts.net/scripts/1book.zip =========================JIkI Team=================== # if(in_array($_POST['username'], $bannedusers)) # echo 'Your username has been banned by the administrator.

'; # if(in_array($_SERVER['REMOTE_ADDR'], $bannedips)) # echo 'Your IP has been banned by the administrator.

'; # elseif($_POST['1'] + $_POST['2'] != $_POST['check']) # echo('You answered the security question incorrectly.'); # else # { # $data = unserialize(file_get_contents('data.php')); # array_push($data, array('user' => $_POST['username'], 'date' => mktime(), 'message' => $_POST['message'], 'website' => $_POST['website'], 'ip' => $_SERVER['REMOTE_ADDR'])); # file_put_contents('data.php', serialize($data)); # } # #} #===========================================================================================================================# # So, we can write a malicious code like in the variable $message, and $username # # and then we go in http://Site/script/data/data.php?jiko=[shell] # #===========================================================================================================================# simple exploit whith HTML: ------------------------- change site by your site +++++++++++++++++++++++++ EXploit BY JIKO
a fter send your usage:
http://site/scripts/data.php?jiko=[shell]
========================================================= greetz: all my friend [kil1er & GhosT HaCkEr & stack ] and H-T Team and all No-back members and tryag.Com visit: www.no-back.org & www.tryag.com & no-exploit.com ========================================================= ************************** hello brother i want chnage my name Jiki Team to JiKo and my email to jalikom@hotmail.fr and this a news bug remote code execution