PerlSoft Guestbook v1.7b Bruteforcer + RCE!

2009-01-31T00:00:00
ID SECURITYVULNS:DOC:21260
Type securityvulns
Reporter Securityvulns
Modified 2009-01-31T00:00:00

Description

Typ: Bruter & RCE Name: PerlSoft GB Pwner Affected Software: PerlSoft Gastebuch Version: 1.7b Coder/Bugfounder: Perforin

------> the RCE is only once possible, do not waste your command!

STEP1: Use my script to bruteforce the admin login from the guestbook. STEP2: If we gain access, you can decide to get in the ACP with the login OR to use the RCE! STEP3: Deface or root the server ;)

------> Infos about the Exploit

Unfortunaly, the RCE is only once possible and only after gaining acces to the admincenter... so choose your command usefull. (I tried to make a RFI out of it but the results were shitty because most of the webserver are secured against including php file from other webservers.) The RCE is possible due a security hole when you change the Username. The script doesn?t check the input so we can manipulate the script.=)

-----> The Exploit Code

Get it here: http://virii.lu/Perl-Scripts/GB_Pwner.txt

-----> Visit & Greetings

Visit my Blog virii.lu and of course vxnet! Greetings to all vxer out there.


http://redirect.gimas.net/?n=M0902xWLM2009_DE Neu: Messenger 2009! Hier kostenlos downloaden!