The other night Christ1an showed me a link of Adobe.com with directory traversal. It was an old exploit, however it works on Adobe. This showed how Adobe is not taking application security seriously. Well, i managed to saw the entire /etc/passwd file and DAMN!! i did not take a screen shot of it. I was too careless and excited not to take a screenshot. The following day, the issue was resolved with reports being made to Adobe. Well check out the exploit here that was used against Adobe:
http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=../../../../../../../../../etc/passwd
Add a null byte character at the end of passwd. Please note that the exploit will not work anymore. However, this is the actual string i used few nights ago.
The Hacka Man
Sabtu, 29 September 2007
Adobe Directory Traversal???????
21.23
No comments
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar