I would quote the whole code arround the includes, like:
[...]
if (file_exists("./".$chemin."/config.php")){
include ("$chemin/config.php");
include ("$chemin/options.inc.php");
include ("$chemin/freenews_functions.inc.php");
}
[...]
You could only include files on the same server, not remote and not a
shell.txt.
Hash: SHA512
I would quote the whole code arround the includes, like:
[...]
if (file_exists("./".$chemin."/config.php")){
include ("$chemin/config.php");
include ("$chemin/options.inc.php");
include ("$chemin/freenews_functions.inc.php");
}
[...]
You could only include files on the same server, not remote and not a
shell.txt.
MoHaNdKo wrote:
> ########################################################
> #
> #freenews---> fileinclude
> ###############################
> #
> #include ("$chemin/config.php");
> #include ("$chemin/functions.inc.php");
> #include ("$chemin/options.inc.php");
> #******************************************
> #name: MoHaNdKo
> #E-mail : xp1o (at) msn (dot) com [email concealed]
> #
> #
> #********************
> #exploit:
> # www.****.com/path/aff_news.php?chemin=shell.txt?
> #
> #
> #********************
> #Greatz:
> # www.xp10.com & www.d4eg.org & www.dmazika.org
> #
> # www.tryag.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
iD8DBQFFRmxCqBhP+Twks7oRCqoAAJ9YaqJn7Mdptjgc17uIV76Qcy5eVwCfRNpf
DmmJNRb3gp/R32Dq8dINQks=
=BGMI
-----END PGP SIGNATURE-----
[ reply ]