<a href="%5C"><img alt="\"link\"" src="%5C">http://russcom.net/</a><br><br>One way to reach your goal:<br><br>1. Register as a normal user<br>2. Login<br>3. Go to \"profile\" --> \"Change password\"<br>4. Enter your old password<br>5. Enter as the new password: whatever' WHERE Uname='nameoftheadminuser'/*<br><br>The login as \"nameoftheadminuser\" with the password \"whatever\".<br>Now you can go to \"Admin CP\" and you can edit the whole \"main.php\".<br>Maybe it is also possible to go there without changing the admin's password so that the whole attack would be more stealthy, but I haven't found a way.<br><br>tbs
I also like there \"ping\"script:<br><br>--------------------------------------------------------<br>...<br>if($_GET['do'] == 'ping')<br>{<br>$_domain = $_POST['domain'];<br> echo \"<pre>\";<br> system (\"ping -w 10 -c 5 $_domain\");<br><br> echo \"</pre>\";<br>}<br>...<br>--------------------------------------------------------<br><br>tbs