Exploit: The following form is a sample exploit. It will mail you the /etc/passwd file off of the server running the script. (If you get an empty email, check the headers of the mail). Change www.victim.com to your target, and fill in form. As previously mentioned, if $SECURE_NAME is set, you may have to add a hidden field for "submit_to" that is the same as the targets submit_to field.BIGNOSEBIRD.COM's
ALL PURPOSE / ALL FUNCTION
FORM HANDLER
with auto e-mail reply!