lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4ABA2A69.6060106@fm.ul.pt>
Date: Wed, 23 Sep 2009 15:02:17 +0100
From: ยป Ruben Alves <rubenalves@...ul.pt>
To: Anastasios Monachos <anastasiosm@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: PHP file vulnerable on SMF 1.1.10

I had the same kind of files in my SMF forum. I've never uploaded files 
with a "~" at the end. In my opinion, that happens when the admin 
updates a SMF forum (with the webadmin panel).
Anyway, the critical file "Settings.php" is not  viewable.



Anastasios Monachos wrote:
> When editing a file with vi or other editors it creates a temporary 
> version of the original appending next the filename a tilde (~), looks 
> to me that's the case.
>
> 2009/9/23 bro <tweetycoaster@...il.com <mailto:tweetycoaster@...il.com>>
>
>     In Simple Machine Forum application version 1.1.10,
>     everybody can see some PHP files as like as index.php by any browsers
>     just added "~" symbol to end of filename.
>     examples:
>     http://vulnsite.com/path_of_SMF/index.php~
>     <http://vulnsite.com/path_of_SMF/index.php%7E>
>     http://vulnsite.com/path_of_SMF/ssi_examples.php~
>     <http://vulnsite.com/path_of_SMF/ssi_examples.php%7E>
>     http://vulnsite.com/path_of_SMF/SSI.php~
>     <http://vulnsite.com/path_of_SMF/SSI.php%7E>
>
>
>     --
>     I will never let you go ...
>
>     _______________________________________________
>     Full-Disclosure - We believe in it.
>     Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>     Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> -- 
> AM
> Key ID: 0x5EB17EE7
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ