POC - Quick.Cart v6.5 - Local File Inclusion
AchN30
[LFI] Quick.Cart v6.5
admin.php::
... SNIP ...
extract( $_GET );
define( 'ADMIN_PAGE', true );
... SNIP ...
Funny, passing user input directly to extract x) --- We will need this later...
admin.php::
... SNIP ...
require 'database/config/general.php';
... SNIP ...
Lets digg here :p
database/config/general.php::
... SNIP ...
$config['change_language_to_polish'] = true;
if( !defined(...
3:33 AM
LFI
,
Local File Inclusion
,
POC
,
Quick.Cart v6.5
,
Vulnerability
[ForbiddenBITS CTF 2013] [Writeup] [Hidden1 & Hidden2]
AchN30
In the CTF IRC Channel (irc://freenode.net/forbiddenbits) we see
in description:
//try to have fun with our bot :D
So we tried to execute some commands, and we got some of them "!", "!help" , "!flag", "!hidden", ...
[16:26] <AchN30_> !help
[16:26] <[FB]BOTx> 8,1 ima stupid bot :
Hidden Challenge 01:
[16:50] <AchN30_> !flag
[16:50] <[FB]BOTx> Here's Your...
4:59 PM
ctf
,
forbiddenbits
,
hidden1
,
hidden2
,
writeup
Subscribe to:
Posts
(
Atom
)