Hello to everyone I'm sorry if this was already posted but if it wasn't have a look at it. It seems that includer.cgi will do a very nice directory traversal for you but I don't know what version or other specific details but the vuln. is very high.I tried only a couple of them and it was enough for me.If the includer will serve a text file existed on the web server then it will serve you any file you want.It looks like this: If the server has a valid url http://server.com/path/includer.cgi?some_existing_text_file then it will hapilly also show http://server.com/path/includer.cgi?../../../../../../../../../../../etc/passwd Some versions even don't bother to go up the / directory http://server.com/path/includer.cgi?/etc/passwd Now don't go out and break other people's work and show others what a smart guy you are and what stupid other people are. Try to have fun with it and stop there.
